package org.bouncycastle.cert.jcajce;

import java.io.IOException;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.SignatureException;
import java.util.Vector;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.ExtensionsGenerator;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.operator.RuntimeOperatorException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public final class JcaX509v3CertificateBuilder {
    public final ExtensionsGenerator extGenerator;
    public final V3TBSCertificateGenerator tbsGen;

    public JcaX509v3CertificateBuilder(X500Name x500Name, BigInteger bigInteger, Time time, Time time2, X500Name x500Name2, PublicKey publicKey) {
        SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
        V3TBSCertificateGenerator v3TBSCertificateGenerator = new V3TBSCertificateGenerator();
        this.tbsGen = v3TBSCertificateGenerator;
        v3TBSCertificateGenerator.serialNumber = new ASN1Integer(bigInteger);
        v3TBSCertificateGenerator.issuer = x500Name;
        v3TBSCertificateGenerator.startDate = time;
        v3TBSCertificateGenerator.endDate = time2;
        v3TBSCertificateGenerator.subject = x500Name2;
        v3TBSCertificateGenerator.subjectPublicKeyInfo = subjectPublicKeyInfo;
        this.extGenerator = new ExtensionsGenerator();
    }

    public static byte[] generateSig(JcaContentSignerBuilder.AnonymousClass1 anonymousClass1, TBSCertificate tBSCertificate) throws IOException {
        JcaContentSignerBuilder.SignatureOutputStream signatureOutputStream = anonymousClass1.stream;
        tBSCertificate.encodeTo(signatureOutputStream);
        signatureOutputStream.close();
        try {
            return signatureOutputStream.sig.sign();
        } catch (SignatureException e) {
            StringBuffer stringBuffer = new StringBuffer("exception obtaining signature: ");
            stringBuffer.append(e.getMessage());
            throw new RuntimeOperatorException(stringBuffer.toString(), e);
        }
    }

    public final X509CertificateHolder build(JcaContentSignerBuilder.AnonymousClass1 anonymousClass1) {
        V3TBSCertificateGenerator v3TBSCertificateGenerator = this.tbsGen;
        AlgorithmIdentifier algorithmIdentifier = anonymousClass1.val$signatureAlgId;
        v3TBSCertificateGenerator.signature = algorithmIdentifier;
        ExtensionsGenerator extensionsGenerator = this.extGenerator;
        if (!extensionsGenerator.extOrdering.isEmpty()) {
            Vector vector = extensionsGenerator.extOrdering;
            Extension[] extensionArr = new Extension[vector.size()];
            for (int i = 0; i != vector.size(); i++) {
                extensionArr[i] = (Extension) extensionsGenerator.extensions.get(vector.elementAt(i));
            }
            Extensions extensions = new Extensions(extensionArr);
            v3TBSCertificateGenerator.extensions = extensions;
            Extension extension = (Extension) extensions.extensions.get(Extension.subjectAlternativeName);
            if (extension != null && extension.critical) {
                v3TBSCertificateGenerator.altNamePresentAndCritical = true;
            }
        }
        try {
            TBSCertificate generateTBSCertificate = v3TBSCertificateGenerator.generateTBSCertificate();
            byte[] generateSig = generateSig(anonymousClass1, generateTBSCertificate);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(generateTBSCertificate);
            aSN1EncodableVector.add(algorithmIdentifier);
            aSN1EncodableVector.add(new DERBitString(generateSig));
            ASN1Encodable dERSequence = new DERSequence(aSN1EncodableVector);
            return new X509CertificateHolder(dERSequence instanceof Certificate ? (Certificate) dERSequence : new Certificate(ASN1Sequence.getInstance(dERSequence)));
        } catch (IOException unused) {
            throw new IllegalArgumentException("cannot produce certificate signature");
        }
    }
}
