package com.netmetric.cert;

import com.netmetric.base.schedule.Schedules;
import defpackage.nuc;
import defpackage.nwb;
import defpackage.nwg;
import defpackage.nxz;
import defpackage.nyf;
import defpackage.nyn;
import defpackage.nys;
import defpackage.nyt;
import defpackage.nzc;
import defpackage.nze;
import defpackage.nzh;
import defpackage.nzr;
import defpackage.nzu;
import defpackage.nzv;
import defpackage.nzz;
import defpackage.oab;
import defpackage.oaw;
import defpackage.oax;
import defpackage.ocd;
import defpackage.ocj;
import defpackage.ock;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Date;

/* loaded from: classes.dex */
public class CertificateFactory {
    private static final int DEFAULT_KEY_LENGTH = 4096;
    private static final String KEYPAIR_ALGORITHM = "RSA";
    private static final String PROVIDER = "BC";
    private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";

    public static CertificateInfo newCertificate(CertificateParameters certificateParameters) {
        Security.addProvider(new oax());
        if (certificateParameters.getIssuer() == null) {
            throw new CertificateParameterException("Issuer DN cannot be null");
        }
        if (certificateParameters.getIssuerPrivateKey() == null) {
            throw new CertificateParameterException("Issuer Private Key cannot be null");
        }
        nxz issuer = certificateParameters.getIssuer();
        Date startDate = certificateParameters.getStartDate() != null ? certificateParameters.getStartDate() : new Date(System.currentTimeMillis() - Schedules.DEFAULT_SCHEDULES_EXPIRE_AFTER_MILLIS);
        Date endDate = certificateParameters.getEndDate() != null ? certificateParameters.getEndDate() : new Date(System.currentTimeMillis() + 1827387392);
        KeyPair subjectKeyPair = certificateParameters.getSubjectKeyPair() != null ? certificateParameters.getSubjectKeyPair() : newKeyPair();
        nzc dW = nzc.dW(subjectKeyPair.getPublic().getEncoded());
        nxz subject = certificateParameters.getSubject() != null ? certificateParameters.getSubject() : new nxz(nyf.ifK, "CN=None, C=None");
        boolean ca2 = certificateParameters.getCa();
        nzv nzvVar = new nzv(issuer, certificateParameters.getSerialNumber() != null ? certificateParameters.getSerialNumber() : BigInteger.valueOf(System.currentTimeMillis()), startDate, endDate, subject, dW);
        if (ca2) {
            nzr.a(nzvVar.ikz, nys.ihm, new nyn());
        }
        ocj ocjVar = new ocj(SIGNATURE_ALGORITHM);
        ocjVar.inc = new ock(new oaw(PROVIDER));
        ocd a = ocjVar.a(certificateParameters.getIssuerPrivateKey());
        nzvVar.iky.igQ = a.bnU();
        if (!nzvVar.ikz.ihR.isEmpty()) {
            nzh nzhVar = nzvVar.iky;
            nyt bne = nzvVar.ikz.bne();
            nzhVar.igV = bne;
            nys a2 = bne.a(nys.ihk);
            if (a2 != null && a2.ihN) {
                nzhVar.iiw = true;
            }
        }
        nzh nzhVar2 = nzvVar.iky;
        if (nzhVar2.igR == null || nzhVar2.igQ == null || nzhVar2.issuer == null || nzhVar2.iio == null || nzhVar2.iip == null || ((nzhVar2.subject == null && !nzhVar2.iiw) || nzhVar2.iiq == null)) {
            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
        }
        nuc nucVar = new nuc();
        nucVar.a(nzhVar2.iiv);
        nucVar.a(nzhVar2.igR);
        nucVar.a(nzhVar2.igQ);
        nucVar.a(nzhVar2.issuer);
        nuc nucVar2 = new nuc();
        nucVar2.a(nzhVar2.iio);
        nucVar2.a(nzhVar2.iip);
        nucVar.a(new nwb(nucVar2));
        nucVar.a(nzhVar2.subject != null ? nzhVar2.subject : new nwb());
        nucVar.a(nzhVar2.iiq);
        if (nzhVar2.igU != null) {
            nucVar.a(new nwg(false, 1, nzhVar2.igU));
        }
        if (nzhVar2.iix != null) {
            nucVar.a(new nwg(false, 2, nzhVar2.iix));
        }
        if (nzhVar2.igV != null) {
            nucVar.a(new nwg(true, 3, nzhVar2.igV));
        }
        nzu a3 = nzr.a(a, nze.dX(new nwb(nucVar)));
        nzz nzzVar = new nzz();
        nzzVar.ikA = new oab(PROVIDER);
        return new CertificateInfo(nzzVar.a(a3), subjectKeyPair);
    }

    public static KeyPair newKeyPair() {
        return newKeyPair(DEFAULT_KEY_LENGTH);
    }

    public static KeyPair newKeyPair(int i) {
        Security.addProvider(new oax());
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEYPAIR_ALGORITHM, PROVIDER);
        keyPairGenerator.initialize(i, new SecureRandom());
        return keyPairGenerator.generateKeyPair();
    }

    public static CertificateInfo newSelfSignedCertificate(CertificateParameters certificateParameters) {
        certificateParameters.setIssuer(certificateParameters.getSubject());
        certificateParameters.setIssuerPrivateKey(certificateParameters.getSubjectKeyPair().getPrivate());
        return newCertificate(certificateParameters);
    }

    public static CertificateInfo newSelfSignedCertificate(nxz nxzVar) {
        return newSelfSignedCertificate(nxzVar, false);
    }

    public static CertificateInfo newSelfSignedCertificate(nxz nxzVar, boolean z) {
        CertificateParameters certificateParameters = new CertificateParameters();
        KeyPair newKeyPair = newKeyPair();
        certificateParameters.setIssuer(nxzVar);
        certificateParameters.setIssuerPrivateKey(newKeyPair.getPrivate());
        certificateParameters.setSubject(nxzVar);
        certificateParameters.setSubjectKeyPair(newKeyPair);
        certificateParameters.setCa(z);
        return newCertificate(certificateParameters);
    }

    public static CertificateInfo newSignedCertificate(nxz nxzVar, PrivateKey privateKey, nxz nxzVar2) {
        return newSignedCertificate(nxzVar, privateKey, nxzVar2, false);
    }

    public static CertificateInfo newSignedCertificate(nxz nxzVar, PrivateKey privateKey, nxz nxzVar2, boolean z) {
        CertificateParameters certificateParameters = new CertificateParameters();
        certificateParameters.setIssuer(nxzVar);
        certificateParameters.setIssuerPrivateKey(privateKey);
        certificateParameters.setSubject(nxzVar2);
        certificateParameters.setCa(z);
        return newCertificate(certificateParameters);
    }
}
