package b.a.a.a.a.f;

import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.net.URL;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import org.bouncycastle.asn1.a1;
import org.bouncycastle.asn1.k2.d;
import org.bouncycastle.asn1.n2.c;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.e;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jscep.client.b;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class a {
    public static byte[] a(JSONObject jSONObject) {
        Security.addProvider(new BouncyCastleProvider());
        b bVar = new b(new URL(jSONObject.getString("scepUrl")), new org.jscep.client.f.b());
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(jSONObject.getInt("keySize"));
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        c cVar = new c(jSONObject.getString("subjectName"));
        e eVar = new e(cVar, BigInteger.valueOf(1L), new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + 8640000000L), cVar, genKeyPair.getPublic());
        org.bouncycastle.operator.c a2 = new org.bouncycastle.operator.jcajce.a("SHA256withRSA").a(genKeyPair.getPrivate());
        X509Certificate a3 = new JcaX509CertificateConverter().a(eVar.a(a2));
        org.bouncycastle.pkcs.c.a aVar = new org.bouncycastle.pkcs.c.a(cVar, genKeyPair.getPublic());
        aVar.a(d.O, new a1(jSONObject.getString("challengePassword")));
        org.jscep.client.d b2 = bVar.b(a3, genKeyPair.getPrivate(), aVar.b(a2), "NDESCA");
        Certificate[] certificateArr = new Certificate[1];
        if (b2.d()) {
            Iterator<? extends Certificate> it = b2.a().getCertificates(null).iterator();
            while (it.hasNext()) {
                certificateArr[0] = it.next();
            }
        } else if (b2.c()) {
            throw new Exception(b2.b().toString());
        }
        KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12, "BC");
        keyStore.load(null, null);
        keyStore.setKeyEntry(jSONObject.getString("certificateAlias"), genKeyPair.getPrivate(), "".toCharArray(), certificateArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keyStore.store(byteArrayOutputStream, "".toCharArray());
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        byteArrayOutputStream.close();
        return byteArray;
    }
}
