package kotlin;

import ch.qos.logback.core.net.SyslogConstants;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
import org.bouncycastle.asn1.misc.NetscapeCertType;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.crypto.util.PrivateKeyFactory;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.bc.BcContentSignerBuilder;
import org.bouncycastle.operator.bc.BcDSAContentSignerBuilder;
import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;

/* compiled from: X509Bridge.java */
/* loaded from: classes.dex */
public class e3d {
    public static final KeyFingerPrintCalculator a = ig8.b;

    public static X509Certificate a(PublicKey publicKey, PrivateKey privateKey, X500Name x500Name, Date date, Date date2, List<String> list, byte[] bArr) throws InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, IOException, OperatorCreationException {
        BcContentSignerBuilder bcRSAContentSignerBuilder;
        String algorithm = publicKey.getAlgorithm();
        if (algorithm.equals("DSA")) {
            AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithDSA");
            bcRSAContentSignerBuilder = new BcDSAContentSignerBuilder(find, new DefaultDigestAlgorithmIdentifierFinder().find(find));
        } else {
            if (!algorithm.equals("RSA")) {
                throw new RuntimeException("Algorithm not recognised: " + algorithm);
            }
            AlgorithmIdentifier find2 = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithRSAEncryption");
            bcRSAContentSignerBuilder = new BcRSAContentSignerBuilder(find2, new DefaultDigestAlgorithmIdentifierFinder().find(find2));
        }
        ContentSigner build = bcRSAContentSignerBuilder.build(PrivateKeyFactory.createKey(privateKey.getEncoded()));
        Date date3 = date == null ? new Date(System.currentTimeMillis()) : date;
        X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(x500Name, BigInteger.ONE, date3, date2 == null ? date3 : date2, Locale.US, x500Name, SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
        x509v3CertificateBuilder.addExtension(Extension.basicConstraints, true, (ASN1Encodable) new BasicConstraints(true));
        x509v3CertificateBuilder.addExtension(Extension.keyUsage, true, (ASN1Encodable) new KeyUsage(236));
        x509v3CertificateBuilder.addExtension(MiscObjectIdentifiers.netscapeCertType, false, (ASN1Encodable) new NetscapeCertType(SyslogConstants.LOG_LOCAL4));
        JcaX509ExtensionUtils jcaX509ExtensionUtils = new JcaX509ExtensionUtils();
        x509v3CertificateBuilder.addExtension(Extension.subjectKeyIdentifier, false, (ASN1Encodable) jcaX509ExtensionUtils.createSubjectKeyIdentifier(publicKey));
        x509v3CertificateBuilder.addExtension(Extension.authorityKeyIdentifier, false, (ASN1Encodable) jcaX509ExtensionUtils.createAuthorityKeyIdentifier(publicKey));
        if (list != null && list.size() > 0) {
            int size = list.size();
            GeneralName[] generalNameArr = new GeneralName[size];
            for (int i = 0; i < size; i++) {
                generalNameArr[i] = new GeneralName(0, new x3d(list.get(i)));
            }
            x509v3CertificateBuilder.addExtension(Extension.subjectAlternativeName, false, (ASN1Encodable) new GeneralNames(generalNameArr));
        }
        x509v3CertificateBuilder.addExtension(r8b.e, false, (ASN1Encodable) new r8b(bArr));
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(zk2.PROVIDER).getCertificate(x509v3CertificateBuilder.build(build));
        certificate.verify(publicKey);
        return certificate;
    }

    public static X509Certificate b(PGPPublicKeyRing pGPPublicKeyRing, PGPPrivateKey pGPPrivateKey) throws InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, PGPException, IOException, OperatorCreationException {
        PGPPublicKey pGPPublicKey;
        X500NameBuilder x500NameBuilder = new X500NameBuilder();
        x500NameBuilder.addRDN(BCStyle.O, "OpenPGP to X.509 Bridge");
        Iterator<PGPPublicKey> publicKeys = pGPPublicKeyRing.getPublicKeys();
        while (true) {
            if (!publicKeys.hasNext()) {
                pGPPublicKey = null;
                break;
            }
            pGPPublicKey = publicKeys.next();
            if (pGPPublicKey.isMasterKey()) {
                break;
            }
        }
        if (pGPPublicKey == null) {
            throw new IllegalArgumentException("no master key found");
        }
        LinkedList linkedList = new LinkedList();
        Iterator<String> userIDs = pGPPublicKey.getUserIDs();
        while (userIDs.hasNext()) {
            String next = userIDs.next();
            x500NameBuilder.addRDN(BCStyle.CN, next);
            ng8 c = ng8.c(next);
            if (c != null && c.a() != null) {
                linkedList.add(c.a());
            }
        }
        X500Name build = x500NameBuilder.build();
        Date creationTime = pGPPublicKey.getCreationTime();
        Date date = pGPPublicKey.getValidSeconds() > 0 ? new Date(creationTime.getTime() + (pGPPublicKey.getValidSeconds() * 1000)) : null;
        zk2 zk2Var = zk2.a;
        return a(zk2Var.b(pGPPublicKey), zk2Var.a(pGPPrivateKey), build, creationTime, date, linkedList, pGPPublicKeyRing.getEncoded());
    }

    public static X509Certificate c(PGPPublicKeyRing pGPPublicKeyRing, PGPSecretKey pGPSecretKey, String str) throws PGPException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, IOException, OperatorCreationException {
        return b(pGPPublicKeyRing, pGPSecretKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder(new JcaPGPDigestCalculatorProviderBuilder().build()).setProvider(zk2.PROVIDER).build(str.toCharArray())));
    }

    public static X509Certificate d(PGPPublicKeyRing pGPPublicKeyRing, PGPSecretKeyRing pGPSecretKeyRing, String str) throws PGPException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, IOException, OperatorCreationException {
        return c(pGPPublicKeyRing, pGPSecretKeyRing.getSecretKey(), str);
    }

    public static X509Certificate e(byte[] bArr, byte[] bArr2, String str) throws PGPException, IOException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, OperatorCreationException {
        KeyFingerPrintCalculator keyFingerPrintCalculator = a;
        PGPSecretKeyRing pGPSecretKeyRing = new PGPSecretKeyRing(bArr, keyFingerPrintCalculator);
        return b(new PGPPublicKeyRing(bArr2, keyFingerPrintCalculator), pGPSecretKeyRing.getSecretKey().extractPrivateKey(new JcePBESecretKeyDecryptorBuilder(new JcaPGPDigestCalculatorProviderBuilder().build()).setProvider(zk2.PROVIDER).build(str.toCharArray())));
    }
}
