package cn.com.syan.jcee.common.impl.cert;

import cn.com.syan.jcee.common.impl.utils.CertificateConverter;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Vector;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DERBitString;
import org.spongycastle.asn1.DEROutputStream;
import org.spongycastle.asn1.DERSequence;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.asn1.x509.Certificate;
import org.spongycastle.asn1.x509.ExtendedKeyUsage;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.asn1.x509.ExtensionsGenerator;
import org.spongycastle.asn1.x509.KeyUsage;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.asn1.x509.TBSCertificate;
import org.spongycastle.asn1.x509.Time;
import org.spongycastle.asn1.x509.V3TBSCertificateGenerator;
import org.spongycastle.operator.ContentSigner;

/* loaded from: classes.dex */
public class X509V3CertificateBuilder {
    private ExtensionsGenerator extensionsGenerator;
    private V3TBSCertificateGenerator tbsGenerator;

    public X509V3CertificateBuilder(String str, String str2, BigInteger bigInteger, Date date, Date date2, SubjectPublicKeyInfo subjectPublicKeyInfo) {
        this(new X500Name(str), new X500Name(str2), new ASN1Integer(bigInteger), new Time(date), new Time(date2), subjectPublicKeyInfo);
    }

    public X509V3CertificateBuilder(X500Name x500Name, X500Name x500Name2, ASN1Integer aSN1Integer, Time time, Time time2, SubjectPublicKeyInfo subjectPublicKeyInfo) {
        this.tbsGenerator = new V3TBSCertificateGenerator();
        this.tbsGenerator.setSerialNumber(aSN1Integer);
        this.tbsGenerator.setSubject(x500Name);
        this.tbsGenerator.setIssuer(x500Name2);
        this.tbsGenerator.setStartDate(time);
        this.tbsGenerator.setEndDate(time2);
        this.tbsGenerator.setSubjectPublicKeyInfo(subjectPublicKeyInfo);
        this.extensionsGenerator = new ExtensionsGenerator();
    }

    private static Certificate generateStructure(TBSCertificate tBSCertificate, AlgorithmIdentifier algorithmIdentifier, byte[] bArr) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(tBSCertificate);
        aSN1EncodableVector.add(algorithmIdentifier);
        aSN1EncodableVector.add(new DERBitString(bArr));
        return Certificate.getInstance(new DERSequence(aSN1EncodableVector));
    }

    public void addAuthorityKeyIdentifier(ASN1Encodable aSN1Encodable) throws IOException {
        this.extensionsGenerator.addExtension(Extension.authorityKeyIdentifier, false, aSN1Encodable);
    }

    public void addAuthorityKeyIdentifier(byte[] bArr) {
        this.extensionsGenerator.addExtension(Extension.authorityKeyIdentifier, false, bArr);
    }

    public void addBasicConstraints(boolean z, BasicConstraints basicConstraints) throws IOException {
        this.extensionsGenerator.addExtension(Extension.basicConstraints, z, basicConstraints);
    }

    public void addExtendedKeyUsage(boolean z, ExtendedKeyUsage extendedKeyUsage) throws IOException {
        this.extensionsGenerator.addExtension(Extension.extendedKeyUsage, z, extendedKeyUsage);
    }

    public void addExtension(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, ASN1Encodable aSN1Encodable) throws IOException {
        this.extensionsGenerator.addExtension(aSN1ObjectIdentifier, z, aSN1Encodable);
    }

    public void addExtension(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, byte[] bArr) {
        this.extensionsGenerator.addExtension(aSN1ObjectIdentifier, z, bArr);
    }

    public void addExtensions(Vector vector, Vector vector2) throws IOException {
        for (int i = 0; i != vector.size(); i++) {
            Extension extension = (Extension) vector2.elementAt(i);
            this.extensionsGenerator.addExtension((ASN1ObjectIdentifier) vector.elementAt(i), extension.isCritical(), extension.getParsedValue());
        }
    }

    public void addKeyUsage(boolean z, KeyUsage keyUsage) throws IOException {
        this.extensionsGenerator.addExtension(Extension.keyUsage, z, keyUsage);
    }

    public void addSubjectKeyIdentifier(ASN1Encodable aSN1Encodable) throws IOException {
        this.extensionsGenerator.addExtension(Extension.subjectKeyIdentifier, false, aSN1Encodable);
    }

    public void addSubjectKeyIdentifier(byte[] bArr) {
        this.extensionsGenerator.addExtension(Extension.subjectKeyIdentifier, false, bArr);
    }

    public X509Certificate build(ContentSigner contentSigner) throws IOException {
        this.tbsGenerator.setSignature(contentSigner.getAlgorithmIdentifier());
        if (!this.extensionsGenerator.isEmpty()) {
            this.tbsGenerator.setExtensions(this.extensionsGenerator.generate());
        }
        TBSCertificate generateTBSCertificate = this.tbsGenerator.generateTBSCertificate();
        OutputStream outputStream = contentSigner.getOutputStream();
        new DEROutputStream(outputStream).writeObject(generateTBSCertificate);
        outputStream.close();
        try {
            return CertificateConverter.fromBinary(generateStructure(generateTBSCertificate, contentSigner.getAlgorithmIdentifier(), contentSigner.getSignature()).getEncoded());
        } catch (CertificateException e) {
            throw new CertRuntimeException(e.getMessage(), e);
        }
    }
}
