package com.hidglobal.ia.activcastle.x509;

import com.hidglobal.ia.activcastle.asn1.ASN1Encodable;
import com.hidglobal.ia.activcastle.asn1.ASN1EncodableVector;
import com.hidglobal.ia.activcastle.asn1.ASN1GeneralizedTime;
import com.hidglobal.ia.activcastle.asn1.ASN1InputStream;
import com.hidglobal.ia.activcastle.asn1.ASN1Integer;
import com.hidglobal.ia.activcastle.asn1.ASN1ObjectIdentifier;
import com.hidglobal.ia.activcastle.asn1.ASN1Sequence;
import com.hidglobal.ia.activcastle.asn1.DERBitString;
import com.hidglobal.ia.activcastle.asn1.DERSequence;
import com.hidglobal.ia.activcastle.asn1.x509.AlgorithmIdentifier;
import com.hidglobal.ia.activcastle.asn1.x509.CertificateList;
import com.hidglobal.ia.activcastle.asn1.x509.Extensions;
import com.hidglobal.ia.activcastle.asn1.x509.TBSCertList;
import com.hidglobal.ia.activcastle.asn1.x509.Time;
import com.hidglobal.ia.activcastle.asn1.x509.V2TBSCertListGenerator;
import com.hidglobal.ia.activcastle.asn1.x509.X509Extensions;
import com.hidglobal.ia.activcastle.asn1.x509.X509ExtensionsGenerator;
import com.hidglobal.ia.activcastle.asn1.x509.X509Name;
import com.hidglobal.ia.activcastle.jcajce.util.BCJcaJceHelper;
import com.hidglobal.ia.activcastle.jce.X509Principal;
import com.hidglobal.ia.activcastle.jce.provider.ActivCastleProvider;
import com.hidglobal.ia.activcastle.jce.provider.X509CRLObject;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.util.Date;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class X509V2CRLGenerator {
    private String ASN1Absent;
    private X509ExtensionsGenerator ASN1BMPString;
    private AlgorithmIdentifier LICENSE;
    private ASN1ObjectIdentifier hashCode;
    private V2TBSCertListGenerator main;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static class LICENSE extends CRLException {
        private Throwable LICENSE;

        LICENSE(String str, Throwable th) {
            super(str);
            this.LICENSE = th;
        }

        @Override // java.lang.Throwable
        public final Throwable getCause() {
            return this.LICENSE;
        }
    }

    public X509V2CRLGenerator() {
        new BCJcaJceHelper();
        this.main = new V2TBSCertListGenerator();
        this.ASN1BMPString = new X509ExtensionsGenerator();
    }

    private X509CRL ASN1Absent(TBSCertList tBSCertList, byte[] bArr) throws CRLException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(tBSCertList);
        aSN1EncodableVector.add(this.LICENSE);
        aSN1EncodableVector.add(new DERBitString(bArr));
        return new X509CRLObject(CertificateList.getInstance(new DERSequence(aSN1EncodableVector)));
    }

    public void addCRL(X509CRL x509crl) throws CRLException {
        Set<? extends X509CRLEntry> revokedCertificates = x509crl.getRevokedCertificates();
        if (revokedCertificates != null) {
            Iterator<? extends X509CRLEntry> it = revokedCertificates.iterator();
            while (it.hasNext()) {
                try {
                    this.main.addCRLEntry(ASN1Sequence.getInstance(new ASN1InputStream(it.next().getEncoded()).readObject()));
                } catch (IOException e) {
                    throw new CRLException(new StringBuilder("exception processing encoding of CRL: ").append(e.toString()).toString());
                }
            }
        }
    }

    public void addCRLEntry(BigInteger bigInteger, Date date, int i) {
        this.main.addCRLEntry(new ASN1Integer(bigInteger), new Time(date), i);
    }

    public void addCRLEntry(BigInteger bigInteger, Date date, int i, Date date2) {
        this.main.addCRLEntry(new ASN1Integer(bigInteger), new Time(date), i, new ASN1GeneralizedTime(date2));
    }

    public void addCRLEntry(BigInteger bigInteger, Date date, X509Extensions x509Extensions) {
        this.main.addCRLEntry(new ASN1Integer(bigInteger), new Time(date), Extensions.getInstance(x509Extensions));
    }

    public void addExtension(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, ASN1Encodable aSN1Encodable) {
        this.ASN1BMPString.addExtension(new ASN1ObjectIdentifier(aSN1ObjectIdentifier.getId()), z, aSN1Encodable);
    }

    public void addExtension(ASN1ObjectIdentifier aSN1ObjectIdentifier, boolean z, byte[] bArr) {
        this.ASN1BMPString.addExtension(new ASN1ObjectIdentifier(aSN1ObjectIdentifier.getId()), z, bArr);
    }

    public void addExtension(String str, boolean z, ASN1Encodable aSN1Encodable) {
        addExtension(new ASN1ObjectIdentifier(str), z, aSN1Encodable);
    }

    public void addExtension(String str, boolean z, byte[] bArr) {
        addExtension(new ASN1ObjectIdentifier(str), z, bArr);
    }

    public X509CRL generate(PrivateKey privateKey) throws CRLException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        return generate(privateKey, (SecureRandom) null);
    }

    public X509CRL generate(PrivateKey privateKey, String str) throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        return generate(privateKey, str, null);
    }

    public X509CRL generate(PrivateKey privateKey, String str, SecureRandom secureRandom) throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        if (!this.ASN1BMPString.isEmpty()) {
            this.main.setExtensions(this.ASN1BMPString.generate());
        }
        TBSCertList generateTBSCertList = this.main.generateTBSCertList();
        try {
            return ASN1Absent(generateTBSCertList, hashCode.ASN1BMPString(this.hashCode, this.ASN1Absent, str, privateKey, secureRandom, generateTBSCertList));
        } catch (IOException e) {
            throw new LICENSE("cannot generate CRL encoding", e);
        }
    }

    public X509CRL generate(PrivateKey privateKey, SecureRandom secureRandom) throws CRLException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        if (!this.ASN1BMPString.isEmpty()) {
            this.main.setExtensions(this.ASN1BMPString.generate());
        }
        TBSCertList generateTBSCertList = this.main.generateTBSCertList();
        try {
            return ASN1Absent(generateTBSCertList, hashCode.ASN1Absent(this.hashCode, this.ASN1Absent, privateKey, secureRandom, generateTBSCertList));
        } catch (IOException e) {
            throw new LICENSE("cannot generate CRL encoding", e);
        }
    }

    public X509CRL generateX509CRL(PrivateKey privateKey) throws SecurityException, SignatureException, InvalidKeyException {
        try {
            return generateX509CRL(privateKey, ActivCastleProvider.PROVIDER_NAME, null);
        } catch (NoSuchProviderException unused) {
            throw new SecurityException("BC provider not installed!");
        }
    }

    public X509CRL generateX509CRL(PrivateKey privateKey, String str) throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException {
        return generateX509CRL(privateKey, str, null);
    }

    public X509CRL generateX509CRL(PrivateKey privateKey, String str, SecureRandom secureRandom) throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException {
        try {
            return generate(privateKey, str, secureRandom);
        } catch (InvalidKeyException e) {
            throw e;
        } catch (NoSuchProviderException e2) {
            throw e2;
        } catch (SignatureException e3) {
            throw e3;
        } catch (GeneralSecurityException e4) {
            throw new SecurityException("exception: ".concat(String.valueOf(e4)));
        }
    }

    public X509CRL generateX509CRL(PrivateKey privateKey, SecureRandom secureRandom) throws SecurityException, SignatureException, InvalidKeyException {
        try {
            return generateX509CRL(privateKey, ActivCastleProvider.PROVIDER_NAME, secureRandom);
        } catch (NoSuchProviderException unused) {
            throw new SecurityException("BC provider not installed!");
        }
    }

    public Iterator getSignatureAlgNames() {
        return hashCode.ASN1BMPString();
    }

    public void reset() {
        this.main = new V2TBSCertListGenerator();
        this.ASN1BMPString.reset();
    }

    public void setIssuerDN(X509Name x509Name) {
        this.main.setIssuer(x509Name);
    }

    public void setIssuerDN(X500Principal x500Principal) {
        try {
            this.main.setIssuer(new X509Principal(x500Principal.getEncoded()));
        } catch (IOException e) {
            throw new IllegalArgumentException("can't process principal: ".concat(String.valueOf(e)));
        }
    }

    public void setNextUpdate(Date date) {
        this.main.setNextUpdate(new Time(date));
    }

    public void setSignatureAlgorithm(String str) {
        this.ASN1Absent = str;
        try {
            ASN1ObjectIdentifier LICENSE2 = hashCode.LICENSE(str);
            this.hashCode = LICENSE2;
            AlgorithmIdentifier ASN1BMPString = hashCode.ASN1BMPString(LICENSE2, str);
            this.LICENSE = ASN1BMPString;
            this.main.setSignature(ASN1BMPString);
        } catch (Exception unused) {
            throw new IllegalArgumentException("Unknown signature type requested");
        }
    }

    public void setThisUpdate(Date date) {
        this.main.setThisUpdate(new Time(date));
    }
}
