package org.bouncycastle.cert;

import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Date;
import java.util.Enumeration;
import java.util.Locale;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.ExtensionsGenerator;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.util.Exceptions;

/* loaded from: classes16.dex */
public class X509v3CertificateBuilder {

    /* renamed from: a, reason: collision with root package name */
    public V3TBSCertificateGenerator f59857a;

    /* renamed from: b, reason: collision with root package name */
    public ExtensionsGenerator f59858b;

    public X509v3CertificateBuilder(X500Name x500Name, BigInteger bigInteger, Date date, Date date2, Locale locale, X500Name x500Name2, SubjectPublicKeyInfo subjectPublicKeyInfo) {
        this(x500Name, bigInteger, new Time(date, locale), new Time(date2, locale), x500Name2, subjectPublicKeyInfo);
    }

    public X509v3CertificateBuilder(X500Name x500Name, BigInteger bigInteger, Date date, Date date2, X500Name x500Name2, SubjectPublicKeyInfo subjectPublicKeyInfo) {
        this(x500Name, bigInteger, new Time(date), new Time(date2), x500Name2, subjectPublicKeyInfo);
    }

    public X509v3CertificateBuilder(X500Name x500Name, BigInteger bigInteger, Time time, Time time2, X500Name x500Name2, SubjectPublicKeyInfo subjectPublicKeyInfo) {
        V3TBSCertificateGenerator v3TBSCertificateGenerator = new V3TBSCertificateGenerator();
        this.f59857a = v3TBSCertificateGenerator;
        v3TBSCertificateGenerator.k(new ASN1Integer(bigInteger));
        this.f59857a.h(x500Name);
        this.f59857a.n(time);
        this.f59857a.e(time2);
        this.f59857a.o(x500Name2);
        this.f59857a.q(subjectPublicKeyInfo);
        this.f59858b = new ExtensionsGenerator();
    }

    public X509v3CertificateBuilder(X509CertificateHolder x509CertificateHolder) {
        V3TBSCertificateGenerator v3TBSCertificateGenerator = new V3TBSCertificateGenerator();
        this.f59857a = v3TBSCertificateGenerator;
        v3TBSCertificateGenerator.k(new ASN1Integer(x509CertificateHolder.p()));
        this.f59857a.h(x509CertificateHolder.l());
        this.f59857a.n(new Time(x509CertificateHolder.o()));
        this.f59857a.e(new Time(x509CertificateHolder.n()));
        this.f59857a.o(x509CertificateHolder.s());
        this.f59857a.q(x509CertificateHolder.t());
        this.f59858b = new ExtensionsGenerator();
        Extensions k = x509CertificateHolder.k();
        Enumeration K = k.K();
        while (K.hasMoreElements()) {
            ASN1ObjectIdentifier aSN1ObjectIdentifier = (ASN1ObjectIdentifier) K.nextElement();
            if (!Extension.J.E(aSN1ObjectIdentifier) && !Extension.K.E(aSN1ObjectIdentifier) && !Extension.L.E(aSN1ObjectIdentifier)) {
                this.f59858b.c(k.z(aSN1ObjectIdentifier));
            }
        }
    }

    public static DERBitString d(boolean[] zArr) {
        byte[] bArr = new byte[(zArr.length + 7) / 8];
        for (int i2 = 0; i2 != zArr.length; i2++) {
            int i3 = i2 / 8;
            bArr[i3] = (byte) (bArr[i3] | (zArr[i2] ? 1 << (7 - (i2 % 8)) : 0));
        }
        int length = zArr.length % 8;
        return length == 0 ? new DERBitString(bArr) : new DERBitString(bArr, 8 - length);
    }

    public static byte[] i(ContentSigner contentSigner, ASN1Object aSN1Object) throws IOException {
        OutputStream b2 = contentSigner.b();
        aSN1Object.u(b2, ASN1Encoding.f57749a);
        b2.close();
        return contentSigner.getSignature();
    }

    public static Certificate j(TBSCertificate tBSCertificate, AlgorithmIdentifier algorithmIdentifier, byte[] bArr) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.a(tBSCertificate);
        aSN1EncodableVector.a(algorithmIdentifier);
        aSN1EncodableVector.a(new DERBitString(bArr));
        return Certificate.y(new DERSequence(aSN1EncodableVector));
    }

    public X509v3CertificateBuilder a(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, ASN1Encodable aSN1Encodable) throws CertIOException {
        try {
            this.f59858b.a(aSN1ObjectIdentifier, z, aSN1Encodable);
            return this;
        } catch (IOException e2) {
            throw new CertIOException("cannot encode extension: " + e2.getMessage(), e2);
        }
    }

    public X509v3CertificateBuilder b(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, byte[] bArr) throws CertIOException {
        this.f59858b.b(aSN1ObjectIdentifier, z, bArr);
        return this;
    }

    public X509v3CertificateBuilder c(Extension extension) throws CertIOException {
        this.f59858b.c(extension);
        return this;
    }

    public X509CertificateHolder e(ContentSigner contentSigner) {
        this.f59857a.l(contentSigner.a());
        if (!this.f59858b.h()) {
            this.f59857a.f(this.f59858b.e());
        }
        try {
            TBSCertificate b2 = this.f59857a.b();
            return new X509CertificateHolder(j(b2, contentSigner.a(), i(contentSigner, b2)));
        } catch (IOException e2) {
            throw Exceptions.a("cannot produce certificate signature", e2);
        }
    }

    public X509CertificateHolder f(ContentSigner contentSigner, boolean z, ContentSigner contentSigner2) {
        this.f59857a.l(null);
        try {
            this.f59858b.a(Extension.K, z, contentSigner2.a());
            this.f59857a.f(this.f59858b.e());
            try {
                this.f59858b.a(Extension.L, z, new DERBitString(i(contentSigner2, this.f59857a.a())));
                this.f59857a.l(contentSigner.a());
                this.f59857a.f(this.f59858b.e());
                TBSCertificate b2 = this.f59857a.b();
                return new X509CertificateHolder(j(b2, contentSigner.a(), i(contentSigner, b2)));
            } catch (IOException e2) {
                throw Exceptions.a("cannot produce certificate signature", e2);
            }
        } catch (IOException e3) {
            throw Exceptions.b("cannot add altSignatureAlgorithm extension", e3);
        }
    }

    public X509v3CertificateBuilder g(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, X509CertificateHolder x509CertificateHolder) {
        Extension z2 = x509CertificateHolder.G().J().y().z(aSN1ObjectIdentifier);
        if (z2 != null) {
            this.f59858b.b(aSN1ObjectIdentifier, z, z2.A().M());
            return this;
        }
        throw new NullPointerException("extension " + aSN1ObjectIdentifier + " not present");
    }

    public final Extension h(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        return this.f59858b.e().z(aSN1ObjectIdentifier);
    }

    public Extension k(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        return h(aSN1ObjectIdentifier);
    }

    public boolean l(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        return h(aSN1ObjectIdentifier) != null;
    }

    public X509v3CertificateBuilder m(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        this.f59858b = CertUtils.d(this.f59858b, aSN1ObjectIdentifier);
        return this;
    }

    public X509v3CertificateBuilder n(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, ASN1Encodable aSN1Encodable) throws CertIOException {
        try {
            this.f59858b = CertUtils.e(this.f59858b, new Extension(aSN1ObjectIdentifier, z, aSN1Encodable.j().v(ASN1Encoding.f57749a)));
            return this;
        } catch (IOException e2) {
            throw new CertIOException("cannot encode extension: " + e2.getMessage(), e2);
        }
    }

    public X509v3CertificateBuilder o(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, byte[] bArr) throws CertIOException {
        this.f59858b = CertUtils.e(this.f59858b, new Extension(aSN1ObjectIdentifier, z, bArr));
        return this;
    }

    public X509v3CertificateBuilder p(Extension extension) throws CertIOException {
        this.f59858b = CertUtils.e(this.f59858b, extension);
        return this;
    }

    public X509v3CertificateBuilder q(boolean[] zArr) {
        this.f59857a.j(d(zArr));
        return this;
    }

    public X509v3CertificateBuilder r(boolean[] zArr) {
        this.f59857a.r(d(zArr));
        return this;
    }
}
