package org.zz.gmhelper.cert;

import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.zz.gmhelper.BCECUtil;

/* loaded from: classes2.dex */
public class SM2X509CertMaker {

    /* renamed from: a, reason: collision with root package name */
    public static final String f13067a = "SM3withSM2";

    /* renamed from: b, reason: collision with root package name */
    private long f13068b;

    /* renamed from: c, reason: collision with root package name */
    private X500Name f13069c;
    private CertSNAllocator d;
    private KeyPair e;

    public SM2X509CertMaker(KeyPair keyPair, long j, X500Name x500Name, CertSNAllocator certSNAllocator) {
        this.e = keyPair;
        this.f13068b = j;
        this.f13069c = x500Name;
        this.d = certSNAllocator;
    }

    private JcaContentSignerBuilder b(PublicKey publicKey) throws Exception {
        if (publicKey.getAlgorithm().equals("EC")) {
            JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(f13067a);
            jcaContentSignerBuilder.c(BouncyCastleProvider.f11925b);
            return jcaContentSignerBuilder;
        }
        throw new Exception("Unsupported PublicKey Algorithm:" + publicKey.getAlgorithm());
    }

    public X509Certificate a(boolean z, KeyUsage keyUsage, byte[] bArr) throws Exception {
        PKCS10CertificationRequest pKCS10CertificationRequest = new PKCS10CertificationRequest(bArr);
        BCECPublicKey u = BCECUtil.u(pKCS10CertificationRequest.g());
        PrivateKey privateKey = this.e.getPrivate();
        PublicKey publicKey = this.e.getPublic();
        JcaX509ExtensionUtils jcaX509ExtensionUtils = new JcaX509ExtensionUtils();
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(this.f13069c, this.d.a(), new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + this.f13068b), pKCS10CertificationRequest.f(), u);
        jcaX509v3CertificateBuilder.a(Extension.f9719b, false, jcaX509ExtensionUtils.e(SubjectPublicKeyInfo.o(u.getEncoded())));
        jcaX509v3CertificateBuilder.a(Extension.s, false, jcaX509ExtensionUtils.b(SubjectPublicKeyInfo.o(publicKey.getEncoded())));
        jcaX509v3CertificateBuilder.a(Extension.g, false, new BasicConstraints(z));
        jcaX509v3CertificateBuilder.a(Extension.f9720c, false, keyUsage);
        X509Certificate a2 = new JcaX509CertificateConverter().b(BouncyCastleProvider.f11925b).a(jcaX509v3CertificateBuilder.d(b(publicKey).a(privateKey)));
        a2.checkValidity(new Date());
        a2.verify(publicKey);
        return a2;
    }
}
