package org.bouncycastle.est;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.bouncycastle.asn1.bg;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.util.Strings;

/* loaded from: classes5.dex */
public class q implements e {

    /* renamed from: d, reason: collision with root package name */
    private static final org.bouncycastle.operator.m f97984d = new org.bouncycastle.operator.j();
    private static final Set<String> g;

    /* renamed from: a, reason: collision with root package name */
    public final String f97985a;

    /* renamed from: b, reason: collision with root package name */
    public final String f97986b;

    /* renamed from: c, reason: collision with root package name */
    public final char[] f97987c;
    private final SecureRandom e;
    private final org.bouncycastle.operator.o f;

    static {
        HashSet hashSet = new HashSet();
        hashSet.add("realm");
        hashSet.add("nonce");
        hashSet.add("opaque");
        hashSet.add("algorithm");
        hashSet.add("qop");
        g = Collections.unmodifiableSet(hashSet);
    }

    public q(String str, String str2, char[] cArr) {
        this(str, str2, cArr, null, null);
    }

    public q(String str, String str2, char[] cArr, SecureRandom secureRandom, org.bouncycastle.operator.o oVar) {
        this.f97985a = str;
        this.f97986b = str2;
        this.f97987c = cArr;
        this.e = secureRandom;
        this.f = oVar;
    }

    public q(String str, char[] cArr) {
        this(null, str, cArr, null, null);
    }

    public q(String str, char[] cArr, SecureRandom secureRandom, org.bouncycastle.operator.o oVar) {
        this(null, str, cArr, secureRandom, oVar);
    }

    private String a(int i) {
        byte[] bArr = new byte[i];
        this.e.nextBytes(bArr);
        return org.bouncycastle.util.encoders.f.a(bArr);
    }

    private org.bouncycastle.asn1.x509.b a(String str) {
        if (str.endsWith("-SESS")) {
            str = str.substring(0, str.length() - 5);
        }
        return str.equals("SHA-512-256") ? new org.bouncycastle.asn1.x509.b(org.bouncycastle.asn1.z.d.h, bg.f94803a) : f97984d.a(str);
    }

    private org.bouncycastle.operator.n a(String str, org.bouncycastle.asn1.x509.b bVar) throws IOException {
        try {
            return this.f.a(bVar);
        } catch (OperatorCreationException e) {
            StringBuilder a2 = com.bytedance.p.d.a();
            a2.append("cannot create digest calculator for ");
            a2.append(str);
            a2.append(": ");
            a2.append(e.getMessage());
            throw new IOException(com.bytedance.p.d.a(a2));
        }
    }

    private void a(OutputStream outputStream, String str) throws IOException {
        outputStream.write(Strings.a(str));
    }

    private void a(OutputStream outputStream, char[] cArr) throws IOException {
        outputStream.write(Strings.a(cArr));
    }

    public l a(l lVar) throws IOException {
        String str;
        String str2;
        lVar.b();
        j jVar = lVar.f97960a;
        try {
            Map<String, String> a2 = HttpUtil.a("Digest", lVar.a("WWW-Authenticate"));
            try {
                String path = jVar.f97953b.toURI().getPath();
                for (String str3 : a2.keySet()) {
                    if (!g.contains(str3)) {
                        StringBuilder a3 = com.bytedance.p.d.a();
                        a3.append("Unrecognised entry in WWW-Authenticate header: '");
                        a3.append((Object) str3);
                        a3.append("'");
                        throw new ESTException(com.bytedance.p.d.a(a3));
                    }
                }
                String str4 = jVar.f97952a;
                String str5 = a2.get("realm");
                String str6 = a2.get("nonce");
                String str7 = a2.get("opaque");
                String str8 = "algorithm";
                String str9 = a2.get("algorithm");
                String str10 = "qop";
                String str11 = a2.get("qop");
                ArrayList arrayList = new ArrayList();
                String str12 = this.f97985a;
                if (str12 != null && !str12.equals(str5)) {
                    StringBuilder a4 = com.bytedance.p.d.a();
                    a4.append("Supplied realm '");
                    a4.append(this.f97985a);
                    a4.append("' does not match server realm '");
                    a4.append(str5);
                    a4.append("'");
                    throw new ESTException(com.bytedance.p.d.a(a4), null, 401, null);
                }
                if (str9 == null) {
                    str9 = "MD5";
                }
                if (str9.length() == 0) {
                    throw new ESTException("WWW-Authenticate no algorithm defined.");
                }
                String b2 = Strings.b(str9);
                if (str11 == null) {
                    throw new ESTException("Qop is not defined in WWW-Authenticate header.");
                }
                if (str11.length() == 0) {
                    throw new ESTException("QoP value is empty.");
                }
                String[] split = Strings.c(str11).split(",");
                int i = 0;
                while (true) {
                    String str13 = str8;
                    String str14 = str10;
                    if (i == split.length) {
                        org.bouncycastle.asn1.x509.b a5 = a(b2);
                        if (a5 == null || a5.f95658a == null) {
                            StringBuilder a6 = com.bytedance.p.d.a();
                            a6.append("auth digest algorithm unknown: ");
                            a6.append(b2);
                            throw new IOException(com.bytedance.p.d.a(a6));
                        }
                        org.bouncycastle.operator.n a7 = a(b2, a5);
                        OutputStream b3 = a7.b();
                        String a8 = a(10);
                        a(b3, this.f97986b);
                        a(b3, ":");
                        a(b3, str5);
                        a(b3, ":");
                        a(b3, this.f97987c);
                        b3.close();
                        byte[] c2 = a7.c();
                        if (b2.endsWith("-SESS")) {
                            org.bouncycastle.operator.n a9 = a(b2, a5);
                            OutputStream b4 = a9.b();
                            a(b4, org.bouncycastle.util.encoders.f.a(c2));
                            a(b4, ":");
                            a(b4, str6);
                            a(b4, ":");
                            a(b4, a8);
                            b4.close();
                            c2 = a9.c();
                        }
                        String a10 = org.bouncycastle.util.encoders.f.a(c2);
                        org.bouncycastle.operator.n a11 = a(b2, a5);
                        OutputStream b5 = a11.b();
                        if (((String) arrayList.get(0)).equals("auth-int")) {
                            org.bouncycastle.operator.n a12 = a(b2, a5);
                            str = "auth-int";
                            OutputStream b6 = a12.b();
                            jVar.a(b6);
                            b6.close();
                            byte[] c3 = a12.c();
                            a(b5, str4);
                            a(b5, ":");
                            a(b5, path);
                            a(b5, ":");
                            a(b5, org.bouncycastle.util.encoders.f.a(c3));
                        } else {
                            str = "auth-int";
                            if (((String) arrayList.get(0)).equals("auth")) {
                                a(b5, str4);
                                a(b5, ":");
                                a(b5, path);
                            }
                        }
                        b5.close();
                        String a13 = org.bouncycastle.util.encoders.f.a(a11.c());
                        org.bouncycastle.operator.n a14 = a(b2, a5);
                        OutputStream b7 = a14.b();
                        boolean contains = arrayList.contains("missing");
                        a(b7, a10);
                        a(b7, ":");
                        a(b7, str6);
                        a(b7, ":");
                        if (contains) {
                            a(b7, a13);
                            str2 = str;
                        } else {
                            a(b7, "00000001");
                            a(b7, ":");
                            a(b7, a8);
                            a(b7, ":");
                            str2 = str;
                            if (((String) arrayList.get(0)).equals(str2)) {
                                a(b7, str2);
                            } else {
                                a(b7, "auth");
                            }
                            a(b7, ":");
                            a(b7, a13);
                        }
                        b7.close();
                        String a15 = org.bouncycastle.util.encoders.f.a(a14.c());
                        HashMap hashMap = new HashMap();
                        hashMap.put("username", this.f97986b);
                        hashMap.put("realm", str5);
                        hashMap.put("nonce", str6);
                        hashMap.put("uri", path);
                        hashMap.put("response", a15);
                        if (!((String) arrayList.get(0)).equals(str2)) {
                            if (((String) arrayList.get(0)).equals("auth")) {
                                hashMap.put(str14, "auth");
                            }
                            hashMap.put(str13, b2);
                            if (str7 != null || str7.length() == 0) {
                                hashMap.put("opaque", a(20));
                            }
                            k a16 = new k(jVar).a((i) null);
                            a16.b("Authorization", HttpUtil.a("Digest", hashMap));
                            return jVar.f.a(a16.a());
                        }
                        hashMap.put(str14, str2);
                        hashMap.put("nc", "00000001");
                        hashMap.put("cnonce", a8);
                        hashMap.put(str13, b2);
                        if (str7 != null) {
                        }
                        hashMap.put("opaque", a(20));
                        k a162 = new k(jVar).a((i) null);
                        a162.b("Authorization", HttpUtil.a("Digest", hashMap));
                        return jVar.f.a(a162.a());
                    }
                    if (!split[i].equals("auth") && !split[i].equals("auth-int")) {
                        StringBuilder a17 = com.bytedance.p.d.a();
                        a17.append("QoP value unknown: '");
                        a17.append(i);
                        a17.append("'");
                        throw new ESTException(com.bytedance.p.d.a(a17));
                    }
                    String trim = split[i].trim();
                    if (!arrayList.contains(trim)) {
                        arrayList.add(trim);
                    }
                    i++;
                    str8 = str13;
                    str10 = str14;
                }
            } catch (Exception e) {
                StringBuilder a18 = com.bytedance.p.d.a();
                a18.append("unable to process URL in request: ");
                a18.append(e.getMessage());
                throw new IOException(com.bytedance.p.d.a(a18));
            }
        } catch (Throwable th) {
            StringBuilder a19 = com.bytedance.p.d.a();
            a19.append("Parsing WWW-Authentication header: ");
            a19.append(th.getMessage());
            throw new ESTException(com.bytedance.p.d.a(a19), th, lVar.e, new ByteArrayInputStream(lVar.a("WWW-Authenticate").getBytes()));
        }
    }

    @Override // org.bouncycastle.est.e
    public void a(k kVar) {
        kVar.a(new i() { // from class: org.bouncycastle.est.q.1
            @Override // org.bouncycastle.est.i
            public l a(j jVar, s sVar) throws IOException {
                l lVar = new l(jVar, sVar);
                if (lVar.e != 401) {
                    return lVar;
                }
                String a2 = lVar.a("WWW-Authenticate");
                if (a2 == null) {
                    throw new ESTException("Status of 401 but no WWW-Authenticate header");
                }
                String c2 = Strings.c(a2);
                if (c2.startsWith("digest")) {
                    return q.this.a(lVar);
                }
                if (!c2.startsWith("basic")) {
                    StringBuilder a3 = com.bytedance.p.d.a();
                    a3.append("Unknown auth mode: ");
                    a3.append(c2);
                    throw new ESTException(com.bytedance.p.d.a(a3));
                }
                lVar.b();
                Map<String, String> a4 = HttpUtil.a("Basic", lVar.a("WWW-Authenticate"));
                if (q.this.f97985a != null && !q.this.f97985a.equals(a4.get("realm"))) {
                    StringBuilder a5 = com.bytedance.p.d.a();
                    a5.append("Supplied realm '");
                    a5.append(q.this.f97985a);
                    a5.append("' does not match server realm '");
                    a5.append(a4.get("realm"));
                    a5.append("'");
                    throw new ESTException(com.bytedance.p.d.a(a5), null, 401, null);
                }
                k a6 = new k(jVar).a((i) null);
                if (q.this.f97985a != null && q.this.f97985a.length() > 0) {
                    StringBuilder a7 = com.bytedance.p.d.a();
                    a7.append("Basic realm=\"");
                    a7.append(q.this.f97985a);
                    a7.append("\"");
                    a6.b("WWW-Authenticate", com.bytedance.p.d.a(a7));
                }
                if (q.this.f97986b.contains(":")) {
                    throw new IllegalArgumentException("User must not contain a ':'");
                }
                char[] cArr = new char[q.this.f97986b.length() + 1 + q.this.f97987c.length];
                System.arraycopy(q.this.f97986b.toCharArray(), 0, cArr, 0, q.this.f97986b.length());
                cArr[q.this.f97986b.length()] = ':';
                System.arraycopy(q.this.f97987c, 0, cArr, q.this.f97986b.length() + 1, q.this.f97987c.length);
                StringBuilder a8 = com.bytedance.p.d.a();
                a8.append("Basic ");
                a8.append(org.bouncycastle.util.encoders.a.a(Strings.b(cArr)));
                a6.b("Authorization", com.bytedance.p.d.a(a8));
                l a9 = jVar.f.a(a6.a());
                org.bouncycastle.util.a.b(cArr, (char) 0);
                return a9;
            }
        });
    }
}
