package i.org.bouncycastle.cert;

import i.com.zlylib.fileselectorlib.FileSelector;
import i.org.bouncycastle.asn1.x500.X500Name;
import i.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import i.org.bouncycastle.asn1.x509.Certificate;
import i.org.bouncycastle.asn1.x509.GeneralNames;
import i.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import i.org.bouncycastle.asn1.x509.TBSCertificate;
import i.org.bouncycastle.asn1.x509.Time;
import i.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
import i.org.bouncycastle.operator.ContentSigner;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Date;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DLOutputStream;
import org.bouncycastle.asn1.DLSequence;

/* loaded from: classes2.dex */
public abstract class X509v3CertificateBuilder {
    private FileSelector extGenerator;
    private V3TBSCertificateGenerator tbsGen;

    public X509v3CertificateBuilder(X500Name x500Name, BigInteger bigInteger, Date date, Date date2, X500Name x500Name2, SubjectPublicKeyInfo subjectPublicKeyInfo) {
        Time time = new Time(date);
        Time time2 = new Time(date2);
        V3TBSCertificateGenerator v3TBSCertificateGenerator = new V3TBSCertificateGenerator();
        this.tbsGen = v3TBSCertificateGenerator;
        v3TBSCertificateGenerator.setSerialNumber(new ASN1Integer(bigInteger));
        this.tbsGen.setIssuer(x500Name);
        this.tbsGen.setStartDate(time);
        this.tbsGen.setEndDate(time2);
        this.tbsGen.setSubject(x500Name2);
        this.tbsGen.setSubjectPublicKeyInfo(subjectPublicKeyInfo);
        this.extGenerator = new FileSelector(10);
    }

    public final void addExtension(ASN1ObjectIdentifier aSN1ObjectIdentifier, GeneralNames generalNames) {
        FileSelector fileSelector = this.extGenerator;
        int i2 = CertUtils.$r8$clinit;
        try {
            fileSelector.addExtension(aSN1ObjectIdentifier, generalNames);
        } catch (IOException e) {
            throw new CertIOException("cannot encode extension: " + e.getMessage(), e);
        }
    }

    public final X509CertificateHolder build(ContentSigner contentSigner) {
        this.tbsGen.setSignature(contentSigner.getAlgorithmIdentifier());
        if (!this.extGenerator.isEmpty()) {
            this.tbsGen.setExtensions(this.extGenerator.generate());
        }
        TBSCertificate generateTBSCertificate = this.tbsGen.generateTBSCertificate();
        int i2 = CertUtils.$r8$clinit;
        try {
            AlgorithmIdentifier algorithmIdentifier = contentSigner.getAlgorithmIdentifier();
            OutputStream outputStream = contentSigner.getOutputStream();
            new DLOutputStream(outputStream, 1).writeObject(generateTBSCertificate);
            outputStream.close();
            byte[] signature = contentSigner.getSignature();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream();
            aSN1OutputStream.add(generateTBSCertificate);
            aSN1OutputStream.add(algorithmIdentifier);
            aSN1OutputStream.add(new DERBitString(signature));
            return new X509CertificateHolder(Certificate.getInstance(new DLSequence(1, aSN1OutputStream)));
        } catch (IOException unused) {
            throw new IllegalStateException("cannot produce certificate signature");
        }
    }
}
