package y;

import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
import org.bouncycastle.asn1.misc.NetscapeCertType;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* compiled from: CompatX509.kt */
/* loaded from: classes.dex */
public final class am0 {
    public static final am0 a = new am0();

    public final X509Certificate a(PrivateKey privateKey, PublicKey publicKey, PGPPublicKey pGPPublicKey, byte[] bArr) throws PGPException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, IOException, OperatorCreationException {
        Date date;
        h86.e(privateKey, "privateKey");
        h86.e(publicKey, "publicKey");
        h86.e(pGPPublicKey, "pgpPublicKey");
        h86.e(bArr, "publicRingEncoded");
        X500NameBuilder x500NameBuilder = new X500NameBuilder();
        x500NameBuilder.addRDN(BCStyle.O, "OpenPGP to X.509 Bridge");
        LinkedList linkedList = new LinkedList();
        Iterator<String> userIDs = pGPPublicKey.getUserIDs();
        h86.d(userIDs, "pgpPublicKey.userIDs");
        while (userIDs.hasNext()) {
            String next = userIDs.next();
            x500NameBuilder.addRDN(BCStyle.CN, next);
            fm0 c = fm0.c(next);
            if (c != null && c.a() != null) {
                String a2 = c.a();
                h86.d(a2, "uid.email");
                linkedList.add(a2);
            }
        }
        X500Name build = x500NameBuilder.build();
        Date creationTime = pGPPublicKey.getCreationTime();
        if (pGPPublicKey.getValidSeconds() > 0) {
            h86.d(creationTime, "creationTime");
            date = new Date(creationTime.getTime() + (pGPPublicKey.getValidSeconds() * 1000));
        } else {
            date = null;
        }
        h86.d(build, "x509name");
        return b(publicKey, privateKey, build, creationTime, date, linkedList, bArr);
    }

    public final X509Certificate b(PublicKey publicKey, PrivateKey privateKey, X500Name x500Name, Date date, Date date2, List<String> list, byte[] bArr) throws InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, IOException, OperatorCreationException {
        if (date == null) {
            date = new Date(System.currentTimeMillis());
        }
        if (date2 == null) {
            date2 = date;
        }
        Locale locale = Locale.US;
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500Name, BigInteger.ONE, new Time(date, locale), new Time(date2, locale), x500Name, publicKey);
        jcaX509v3CertificateBuilder.addExtension(Extension.basicConstraints, true, (ASN1Encodable) new BasicConstraints(true));
        jcaX509v3CertificateBuilder.addExtension(Extension.keyUsage, true, (ASN1Encodable) new KeyUsage(236));
        jcaX509v3CertificateBuilder.addExtension(MiscObjectIdentifiers.netscapeCertType, false, (ASN1Encodable) new NetscapeCertType(160));
        JcaX509ExtensionUtils jcaX509ExtensionUtils = new JcaX509ExtensionUtils();
        jcaX509v3CertificateBuilder.addExtension(Extension.subjectKeyIdentifier, false, (ASN1Encodable) jcaX509ExtensionUtils.createSubjectKeyIdentifier(publicKey));
        jcaX509v3CertificateBuilder.addExtension(Extension.authorityKeyIdentifier, false, (ASN1Encodable) jcaX509ExtensionUtils.createAuthorityKeyIdentifier(publicKey));
        if (list.size() > 0) {
            int size = list.size();
            GeneralName[] generalNameArr = new GeneralName[size];
            for (int i = 0; i < size; i++) {
                generalNameArr[i] = new GeneralName(0, new im0(list.get(i)));
            }
            jcaX509v3CertificateBuilder.addExtension(Extension.subjectAlternativeName, false, (ASN1Encodable) new GeneralNames(generalNameArr));
        }
        jcaX509v3CertificateBuilder.addExtension(gm0.b, false, (ASN1Encodable) new gm0(bArr));
        JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder("SHA1WithRSAEncryption");
        rl0 rl0Var = rl0.d;
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(rl0Var.p()).getCertificate(jcaX509v3CertificateBuilder.build(jcaContentSignerBuilder.setProvider(rl0Var.p()).build(privateKey)));
        certificate.verify(publicKey);
        h86.d(certificate, "cert");
        return certificate;
    }

    public final X509Certificate c(InputStream inputStream) throws CertificateException {
        h86.e(inputStream, "certData");
        Certificate generateCertificate = CertificateFactory.getInstance("X.509", rl0.d.p()).generateCertificate(inputStream);
        Objects.requireNonNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
        X509Certificate x509Certificate = (X509Certificate) generateCertificate;
        try {
            inputStream.close();
        } catch (IOException unused) {
        }
        return x509Certificate;
    }
}
