package net.netca.pki.encoding.asn1.pki;

import java.math.BigInteger;
import java.util.Date;
import net.netca.pki.encoding.asn1.ASN1TypeManager;
import net.netca.pki.encoding.asn1.BitString;
import net.netca.pki.encoding.asn1.Integer;
import net.netca.pki.encoding.asn1.Sequence;
import net.netca.pki.encoding.asn1.SequenceOf;
import net.netca.pki.encoding.asn1.SequenceType;
import net.netca.pki.encoding.asn1.TaggedType;
import net.netca.pki.encoding.asn1.TaggedValue;
import net.netca.pki.u;

/* loaded from: classes.dex */
public final class X509CertificateBuilder {
    private Extensions exts;
    private X509Certificate issuer;
    private BitString issuerId;
    private Date notAfter;
    private Date notBefore;
    private SubjectPublicKeyInfo pubkey;
    private BigInteger serialNumber;
    private X500Name subject;
    private BitString subjectId;
    private int version;
    private static final SequenceType tbsType = (SequenceType) ASN1TypeManager.getInstance().get("TBSCertificate");
    private static final SequenceType certType = (SequenceType) ASN1TypeManager.getInstance().get("Certificate");
    private static final TaggedType versionType = (TaggedType) ASN1TypeManager.getInstance().get("TBSCertificate.version");
    private static final SequenceType validityType = (SequenceType) ASN1TypeManager.getInstance().get("Validity");
    private static final TaggedType issuerIdType = (TaggedType) ASN1TypeManager.getInstance().get("TBSCertificate.issuerUniqueID");
    private static final TaggedType subjectIdType = (TaggedType) ASN1TypeManager.getInstance().get("TBSCertificate.subjectUniqueID");
    private static final TaggedType extsType = (TaggedType) ASN1TypeManager.getInstance().get("TBSCertificate.extensions");

    public X509CertificateBuilder() {
        this.version = 2;
        this.issuer = null;
    }

    public X509CertificateBuilder(X509Certificate x509Certificate) {
        this.version = 2;
        if (x509Certificate == null) {
            throw new u("issuer is null");
        }
        this.issuer = x509Certificate;
    }

    private Sequence buildTbs(AlgorithmIdentifier algorithmIdentifier) {
        checkCompleteness();
        Sequence sequence = new Sequence(tbsType);
        sequence.add(new TaggedValue(versionType, new Integer(this.version)));
        sequence.add(new Integer(this.serialNumber));
        sequence.add(algorithmIdentifier.getASN1Object());
        SequenceOf aSN1Object = this.subject.getASN1Object();
        if (this.issuer != null) {
            sequence.add(this.issuer.getSubject().getASN1Object());
        } else {
            sequence.add(aSN1Object);
        }
        sequence.add(buildValidity());
        sequence.add(aSN1Object);
        sequence.add(this.pubkey.getASN1Object());
        if (this.issuerId != null) {
            sequence.add(new TaggedValue(issuerIdType, this.issuerId));
        }
        if (this.subjectId != null) {
            sequence.add(new TaggedValue(subjectIdType, this.subjectId));
        }
        if (this.exts != null) {
            sequence.add(new TaggedValue(extsType, this.exts.getASN1Object()));
        }
        return sequence;
    }

    private Sequence buildValidity() {
        Sequence sequence = new Sequence(validityType);
        sequence.add(new Time(this.notBefore).getASN1Object());
        sequence.add(new Time(this.notAfter).getASN1Object());
        return sequence;
    }

    private void checkCompleteness() {
        if (this.serialNumber == null) {
            throw new u("no serialNumber");
        }
        if (this.notBefore == null) {
            throw new u("no notBefore");
        }
        if (this.notAfter == null) {
            throw new u("no notAfter");
        }
        if (this.notBefore.after(this.notAfter)) {
            throw new u("notBefore after notAfter");
        }
        if (this.subject == null) {
            throw new u("no subject");
        }
        if (this.pubkey == null) {
            throw new u("no pubkey");
        }
        if (this.issuerId != null && this.version == 0) {
            throw new u("v1 certificate has issuerUniqueID");
        }
        if (this.subjectId != null && this.version == 0) {
            throw new u("v1 certificate has subjectUniqueID");
        }
        if (this.exts != null) {
            if (this.version == 0 || this.version == 1) {
                throw new u("v1 v2 certificate has extensions");
            }
            int size = this.exts.size();
            for (int i = 0; i < size; i++) {
                String oid = this.exts.get(i).getOid();
                for (int i2 = 0; i2 < size; i2++) {
                    if (i != i2 && oid.equals(this.exts.get(i2).getOid())) {
                        throw new u("certificate has duplicate extension" + oid);
                    }
                }
            }
        }
    }

    public byte[] getSerialNumber() {
        if (this.serialNumber == null) {
            return null;
        }
        return this.serialNumber.toByteArray();
    }

    public void setExtensions(Extensions extensions) {
        if (extensions != null && (this.version == 0 || this.version == 1)) {
            throw new u("v1 v2 certificate has extensions");
        }
        this.exts = extensions;
    }

    public void setIssuerUniqueID(BitString bitString) {
        if (bitString != null && this.version == 0) {
            throw new u("v1 certificate has issuerUniqueID");
        }
        this.issuerId = bitString;
    }

    public void setNotAfter(Date date) {
        if (date == null) {
            throw new u("notAfter is null");
        }
        this.notAfter = date;
    }

    public void setNotBefore(Date date) {
        if (date == null) {
            throw new u("notBefore is null");
        }
        this.notBefore = date;
    }

    public void setPositiveSerialNumber(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            throw new u("serialNumber is null");
        }
        this.serialNumber = new BigInteger(1, bArr);
    }

    public void setSerialNumber(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            throw new u("serialNumber is null");
        }
        this.serialNumber = new BigInteger(bArr);
    }

    public void setSubject(X500Name x500Name) {
        if (x500Name == null) {
            throw new u("subject is null");
        }
        this.subject = x500Name;
    }

    public void setSubjectPublicKeyInfo(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        if (subjectPublicKeyInfo == null) {
            throw new u("pubkey is null");
        }
        this.pubkey = subjectPublicKeyInfo;
    }

    public void setSubjectUniqueID(BitString bitString) {
        if (bitString != null && this.version == 0) {
            throw new u("v1 certificate has subjectUniqueID");
        }
        this.subjectId = bitString;
    }

    public void setVersion(int i) {
        if (i == 2 || i == 0 || i == 1) {
            this.version = i;
        } else {
            throw new u("bad version " + i);
        }
    }

    public X509Certificate sign(Signable signable, AlgorithmIdentifier algorithmIdentifier) {
        if (signable == null) {
            throw new u("signer is null");
        }
        if (algorithmIdentifier == null) {
            throw new u("signAlgo is null");
        }
        Sequence buildTbs = buildTbs(algorithmIdentifier);
        byte[] encode = buildTbs.encode();
        byte[] sign = signable.sign(algorithmIdentifier, encode, 0, encode.length);
        Sequence sequence = new Sequence(certType);
        sequence.add(buildTbs);
        sequence.add(algorithmIdentifier.getASN1Object());
        sequence.add(new BitString(0, sign));
        return new X509Certificate(sequence);
    }
}
