package com.android.identity.wallet.document;

import android.content.Context;
import com.android.identity.wallet.R;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.List;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.io.ByteStreamsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* compiled from: KeysAndCertificates.kt */
@Metadata(d1 = {"\u0000F\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0000\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010 \n\u0000\bÇ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0018\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\bH\u0002J\u0010\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\fH\u0002J\u000e\u0010\r\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006J\u000e\u0010\u000e\u001a\u00020\u000f2\u0006\u0010\u0005\u001a\u00020\u0006J\u000e\u0010\u0010\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006J\u000e\u0010\u0011\u001a\u00020\u000f2\u0006\u0010\u0005\u001a\u00020\u0006J\u000e\u0010\u0012\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006J\u000e\u0010\u0013\u001a\u00020\u000f2\u0006\u0010\u0005\u001a\u00020\u0006J\u0018\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\bH\u0002J\u0018\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\bH\u0002J\u0014\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\u00040\u00192\u0006\u0010\u0005\u001a\u00020\u0006¨\u0006\u001a"}, d2 = {"Lcom/android/identity/wallet/document/KeysAndCertificates;", "", "()V", "getCertificate", "Ljava/security/cert/X509Certificate;", "context", "Landroid/content/Context;", "resourceId", "", "getKeyBytes", "", "keyInputStream", "Ljava/io/InputStream;", "getMdlDsCertificate", "getMdlDsKeyPair", "Ljava/security/KeyPair;", "getMekbDsCertificate", "getMekbDsKeyPair", "getMicovDsCertificate", "getMicovDsKeyPair", "getPrivateKey", "Ljava/security/PrivateKey;", "getPublicKey", "Ljava/security/PublicKey;", "getTrustedReaderCertificates", "", "appholder_walletDebug"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes23.dex */
public final class KeysAndCertificates {
    public static final KeysAndCertificates INSTANCE = new KeysAndCertificates();
    public static final int $stable = LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6120Int$classKeysAndCertificates();

    private KeysAndCertificates() {
    }

    private final X509Certificate getCertificate(Context context, int resourceId) {
        InputStream openRawResource = context.getResources().openRawResource(resourceId);
        Intrinsics.checkNotNullExpressionValue(openRawResource, "context.resources.openRawResource(resourceId)");
        CertificateFactory certificateFactory = CertificateFactory.getInstance(LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6121xd4aa0ae5());
        Intrinsics.checkNotNullExpressionValue(certificateFactory, "getInstance(\"X509\")");
        Certificate generateCertificate = certificateFactory.generateCertificate(openRawResource);
        Intrinsics.checkNotNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
        return (X509Certificate) generateCertificate;
    }

    private final byte[] getKeyBytes(InputStream keyInputStream) {
        byte[] readBytes = ByteStreamsKt.readBytes(keyInputStream);
        Charset US_ASCII = StandardCharsets.US_ASCII;
        Intrinsics.checkNotNullExpressionValue(US_ASCII, "US_ASCII");
        byte[] decode = Base64.getDecoder().decode(StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(StringsKt.replace$default(new String(readBytes, US_ASCII), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6124xddcddc82(), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6130xed858f03(), false, 4, (Object) null), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6125xe94d12c9(), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6131xbf6c4fca(), false, 4, (Object) null), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6126xec8af290(), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6132xf75ffa11(), false, 4, (Object) null), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6127x5b5b3bd7(), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6133xed44dd8(), false, 4, (Object) null), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6128x88f1ae9e(), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6134x6e9d0b1f(), false, 4, (Object) null), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6129x17e20ae5(), LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6135xdeedf1e6(), false, 4, (Object) null));
        Intrinsics.checkNotNullExpressionValue(decode, "getDecoder().decode(publicKeyPEM)");
        return decode;
    }

    private final PrivateKey getPrivateKey(Context context, int resourceId) {
        InputStream openRawResource = context.getResources().openRawResource(resourceId);
        Intrinsics.checkNotNullExpressionValue(openRawResource, "context.resources.openRawResource(resourceId)");
        PrivateKey generatePrivate = KeyFactory.getInstance(LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6122xcb169397(), BouncyCastleProvider.PROVIDER_NAME).generatePrivate(new PKCS8EncodedKeySpec(getKeyBytes(openRawResource)));
        Intrinsics.checkNotNullExpressionValue(generatePrivate, "kf.generatePrivate(spec)");
        return generatePrivate;
    }

    private final PublicKey getPublicKey(Context context, int resourceId) {
        InputStream openRawResource = context.getResources().openRawResource(resourceId);
        Intrinsics.checkNotNullExpressionValue(openRawResource, "context.resources.openRawResource(resourceId)");
        PublicKey generatePublic = KeyFactory.getInstance(LiveLiterals$KeysAndCertificatesKt.INSTANCE.m6123xea6ae667(), BouncyCastleProvider.PROVIDER_NAME).generatePublic(new X509EncodedKeySpec(getKeyBytes(openRawResource)));
        Intrinsics.checkNotNullExpressionValue(generatePublic, "kf.generatePublic(spec)");
        return generatePublic;
    }

    public final X509Certificate getMdlDsCertificate(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return getCertificate(context, R.raw.google_mdl_ds_cert_iaca_2);
    }

    public final KeyPair getMdlDsKeyPair(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return new KeyPair(getPublicKey(context, R.raw.google_mdl_ds_cert_iaca_2_pubkey), getPrivateKey(context, R.raw.google_mdl_ds_cert_iaca_2_privkey));
    }

    public final X509Certificate getMekbDsCertificate(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return getCertificate(context, R.raw.google_mekb_ds_cert);
    }

    public final KeyPair getMekbDsKeyPair(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return new KeyPair(getPublicKey(context, R.raw.google_mekb_ds_pubkey), getPrivateKey(context, R.raw.google_mekb_ds_privkey));
    }

    public final X509Certificate getMicovDsCertificate(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return getCertificate(context, R.raw.google_micov_ds_cert);
    }

    public final KeyPair getMicovDsKeyPair(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return new KeyPair(getPublicKey(context, R.raw.google_micov_ds_pubkey), getPrivateKey(context, R.raw.google_micov_ds_privkey));
    }

    public final List<X509Certificate> getTrustedReaderCertificates(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return CollectionsKt.listOf((Object[]) new X509Certificate[]{getCertificate(context, R.raw.bdr_iaca_cert), getCertificate(context, R.raw.bdr_reader_ca_cert), getCertificate(context, R.raw.credenceid_mdl_reader_cert), getCertificate(context, R.raw.fast_reader_auth_cer), getCertificate(context, R.raw.google_reader_ca), getCertificate(context, R.raw.hid_test_reader_ca_mdl_cert), getCertificate(context, R.raw.hidtestiacamdl_cert), getCertificate(context, R.raw.iaca_zetes), getCertificate(context, R.raw.idemia_brisbane_interop_readerauthca), getCertificate(context, R.raw.louisiana_department_of_motor_vehicles_cert), getCertificate(context, R.raw.nist_reader_ca_cer), getCertificate(context, R.raw.reader_ca_nec_reader_ca_cer), getCertificate(context, R.raw.samsung_iaca_test_cert), getCertificate(context, R.raw.scytales_root_ca), getCertificate(context, R.raw.spruce_iaca_cert), getCertificate(context, R.raw.ul_cert_ca_01), getCertificate(context, R.raw.ul_cert_ca_01_cer), getCertificate(context, R.raw.ul_cert_ca_02), getCertificate(context, R.raw.ul_cert_ca_03_cer), getCertificate(context, R.raw.ul_cert_ca_02_cer), getCertificate(context, R.raw.utms_reader_ca), getCertificate(context, R.raw.utms_reader_ca_cer), getCertificate(context, R.raw.zetes_reader_ca), getCertificate(context, R.raw.zetes_reader_ca_cer), getCertificate(context, R.raw.owf_identity_credential_reader_cert)});
    }
}
