package com.tomtom.mydrive.communication.common;

import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.TimeZone;
import nl.nspyre.commons.logging.Logger;
import org.apache.commons.lang3.time.TimeZones;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.X500NameBuilder;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.asn1.x509.Time;
import org.spongycastle.asn1.x509.X509Extension;
import org.spongycastle.cert.CertIOException;
import org.spongycastle.cert.X509v3CertificateBuilder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public class CertificateBuilder {
    private static final String JCA_SIGNATURE_ALGORITHM = "SHA256WithRSAEncryption";
    private static final int SERIAL_RANDOM_ADDITION = 10000;

    public static X509Certificate build(PublicKey publicKey, PrivateKey privateKey, String str) {
        try {
            X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
            x500NameBuilder.addRDN(BCStyle.CN, str);
            X500Name build = x500NameBuilder.build();
            BigInteger valueOf = BigInteger.valueOf((System.currentTimeMillis() * 10000) + new SecureRandom().nextInt(10000));
            Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone(TimeZones.GMT_ID));
            calendar.clear();
            Time time = new Time(calendar.getTime());
            Calendar calendar2 = Calendar.getInstance(TimeZone.getTimeZone(TimeZones.GMT_ID));
            calendar2.clear();
            calendar2.set(2049, 11, 31, 23, 59, 59);
            X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(build, valueOf, time, new Time(calendar2.getTime()), build, SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
            x509v3CertificateBuilder.addExtension(X509Extension.basicConstraints, true, (ASN1Encodable) new BasicConstraints(false));
            X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(x509v3CertificateBuilder.build(new JcaContentSignerBuilder(JCA_SIGNATURE_ALGORITHM).build(privateKey)));
            certificate.verify(publicKey);
            return certificate;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException | CertIOException | OperatorCreationException e) {
            Logger.w(e, "Key store creation failed");
            return null;
        }
    }
}
