package xch.bouncycastle.x509;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import javax.security.auth.x500.X500Principal;
import net.schmizz.sshj.common.SecurityUtils;
import xch.bouncycastle.asn1.ASN1Encodable;
import xch.bouncycastle.asn1.ASN1EncodableVector;
import xch.bouncycastle.asn1.ASN1InputStream;
import xch.bouncycastle.asn1.ASN1Integer;
import xch.bouncycastle.asn1.ASN1ObjectIdentifier;
import xch.bouncycastle.asn1.DERBitString;
import xch.bouncycastle.asn1.DERObjectIdentifier;
import xch.bouncycastle.asn1.DERSequence;
import xch.bouncycastle.asn1.x509.AlgorithmIdentifier;
import xch.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import xch.bouncycastle.asn1.x509.TBSCertificate;
import xch.bouncycastle.asn1.x509.Time;
import xch.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
import xch.bouncycastle.asn1.x509.X509CertificateStructure;
import xch.bouncycastle.asn1.x509.X509ExtensionsGenerator;
import xch.bouncycastle.asn1.x509.X509Name;
import xch.bouncycastle.jce.X509Principal;
import xch.bouncycastle.jce.provider.X509CertificateObject;
import xch.bouncycastle.x509.extension.X509ExtensionUtil;

/* loaded from: classes.dex */
public class X509V3CertificateGenerator {
    private DERObjectIdentifier b;
    private AlgorithmIdentifier c;
    private String d;

    /* renamed from: a, reason: collision with root package name */
    private V3TBSCertificateGenerator f1195a = new V3TBSCertificateGenerator();
    private X509ExtensionsGenerator e = new X509ExtensionsGenerator();

    private X509Certificate a(PrivateKey privateKey, String str) {
        return a(privateKey, str, (SecureRandom) null);
    }

    private X509Certificate a(PrivateKey privateKey, String str, SecureRandom secureRandom) {
        try {
            return b(privateKey, str, secureRandom);
        } catch (InvalidKeyException e) {
            throw e;
        } catch (NoSuchProviderException e2) {
            throw e2;
        } catch (SignatureException e3) {
            throw e3;
        } catch (GeneralSecurityException e4) {
            throw new SecurityException("exception: " + e4);
        }
    }

    private X509Certificate a(PrivateKey privateKey, SecureRandom secureRandom) {
        try {
            return a(privateKey, SecurityUtils.f101a, secureRandom);
        } catch (NoSuchProviderException e) {
            throw new SecurityException("BC provider not installed!");
        }
    }

    private X509Certificate a(TBSCertificate tBSCertificate, byte[] bArr) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.a(tBSCertificate);
        aSN1EncodableVector.a(this.c);
        aSN1EncodableVector.a(new DERBitString(bArr));
        return new X509CertificateObject(new X509CertificateStructure(new DERSequence(aSN1EncodableVector)));
    }

    private void a(String str, boolean z, X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null) {
            throw new CertificateParsingException("extension " + str + " not present");
        }
        try {
            a(new DERObjectIdentifier(str), z, X509ExtensionUtil.a(extensionValue));
        } catch (IOException e) {
            throw new CertificateParsingException(e.toString());
        }
    }

    private void a(String str, boolean z, ASN1Encodable aSN1Encodable) {
        a(new DERObjectIdentifier(str), z, aSN1Encodable);
    }

    private void a(String str, boolean z, byte[] bArr) {
        this.e.a(new ASN1ObjectIdentifier(new DERObjectIdentifier(str).c()), z, bArr);
    }

    private void a(X500Principal x500Principal) {
        try {
            this.f1195a.a(new X509Principal(x500Principal.getEncoded()));
        } catch (IOException e) {
            throw new IllegalArgumentException("can't process principal: " + e);
        }
    }

    private void a(DERObjectIdentifier dERObjectIdentifier, boolean z, X509Certificate x509Certificate) {
        String c = dERObjectIdentifier.c();
        byte[] extensionValue = x509Certificate.getExtensionValue(c);
        if (extensionValue == null) {
            throw new CertificateParsingException("extension " + c + " not present");
        }
        try {
            a(new DERObjectIdentifier(c), z, X509ExtensionUtil.a(extensionValue));
        } catch (IOException e) {
            throw new CertificateParsingException(e.toString());
        }
    }

    private void a(DERObjectIdentifier dERObjectIdentifier, boolean z, byte[] bArr) {
        this.e.a(new ASN1ObjectIdentifier(dERObjectIdentifier.c()), z, bArr);
    }

    private void a(boolean[] zArr) {
        this.f1195a.b(c(zArr));
    }

    private X509Certificate b(PrivateKey privateKey) {
        try {
            return a(privateKey, SecurityUtils.f101a, (SecureRandom) null);
        } catch (NoSuchProviderException e) {
            throw new SecurityException("BC provider not installed!");
        }
    }

    private X509Certificate b(PrivateKey privateKey, String str) {
        return b(privateKey, str, null);
    }

    private X509Certificate b(PrivateKey privateKey, String str, SecureRandom secureRandom) {
        TBSCertificate b = b();
        try {
            try {
                return a(b, b.a(this.b, this.d, str, privateKey, secureRandom, b));
            } catch (CertificateParsingException e) {
                throw new a("exception producing certificate object", e);
            }
        } catch (IOException e2) {
            throw new a("exception encoding TBS cert", e2);
        }
    }

    private TBSCertificate b() {
        if (!this.e.b()) {
            this.f1195a.a(this.e.c());
        }
        return this.f1195a.a();
    }

    private void b(X500Principal x500Principal) {
        try {
            this.f1195a.b(new X509Principal(x500Principal.getEncoded()));
        } catch (IOException e) {
            throw new IllegalArgumentException("can't process principal: " + e);
        }
    }

    private void b(boolean[] zArr) {
        this.f1195a.a(c(zArr));
    }

    private X509Certificate c(PrivateKey privateKey) {
        return a(privateKey);
    }

    private static Iterator c() {
        return b.a();
    }

    private static DERBitString c(boolean[] zArr) {
        byte[] bArr = new byte[(zArr.length + 7) / 8];
        for (int i = 0; i != zArr.length; i++) {
            int i2 = i / 8;
            bArr[i2] = (byte) ((zArr[i] ? 1 << (7 - (i % 8)) : 0) | bArr[i2]);
        }
        int length = zArr.length % 8;
        return length == 0 ? new DERBitString(bArr) : new DERBitString(bArr, 8 - length);
    }

    public final X509Certificate a(PrivateKey privateKey) {
        TBSCertificate b = b();
        try {
            try {
                return a(b, b.a(this.b, this.d, privateKey, b));
            } catch (CertificateParsingException e) {
                throw new a("exception producing certificate object", e);
            }
        } catch (IOException e2) {
            throw new a("exception encoding TBS cert", e2);
        }
    }

    public final void a() {
        this.f1195a = new V3TBSCertificateGenerator();
        this.e.a();
    }

    public final void a(String str) {
        this.d = str;
        try {
            this.b = b.a(str);
            this.c = b.a(this.b, str);
            this.f1195a.a(this.c);
        } catch (Exception e) {
            throw new IllegalArgumentException("Unknown signature type requested: " + str);
        }
    }

    public final void a(BigInteger bigInteger) {
        if (bigInteger.compareTo(BigInteger.ZERO) <= 0) {
            throw new IllegalArgumentException("serial number must be a positive integer");
        }
        this.f1195a.a(new ASN1Integer(bigInteger));
    }

    public final void a(PublicKey publicKey) {
        try {
            this.f1195a.a(SubjectPublicKeyInfo.a(new ASN1InputStream(publicKey.getEncoded()).b()));
        } catch (Exception e) {
            throw new IllegalArgumentException("unable to process key - " + e.toString());
        }
    }

    public final void a(Date date) {
        this.f1195a.a(new Time(date));
    }

    public final void a(DERObjectIdentifier dERObjectIdentifier, boolean z, ASN1Encodable aSN1Encodable) {
        this.e.a(new ASN1ObjectIdentifier(dERObjectIdentifier.c()), z, aSN1Encodable);
    }

    public final void a(X509Name x509Name) {
        this.f1195a.a(x509Name);
    }

    public final void b(Date date) {
        this.f1195a.b(new Time(date));
    }

    public final void b(X509Name x509Name) {
        this.f1195a.b(x509Name);
    }
}
