package com.formosoft.jpki.x509;

import com.formosoft.jpki.asn1.ASN1GeneralizedTime;
import com.formosoft.jpki.asn1.ASN1Integer;
import com.formosoft.jpki.asn1.ASN1UTCTime;
import com.formosoft.jpki.oid.ObjectIdentifier;
import com.formosoft.jpki.util.JCAAlgorithm;
import com.formosoft.jpki.x500.X500Name;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Date;

/* loaded from: input_file:com/formosoft/jpki/x509/X509Generator.class */
public class X509Generator {
    protected BigInteger serial;
    protected X500Name issuer;
    protected Date notBefore;
    protected Date notAfter;
    protected X500Name subject;
    protected X509PublicKey pubkey;
    protected X509Extensions extensions;
    protected int version = 0;
    protected int dateFormat = 0;

    public X509Generator(BigInteger bigInteger, X500Name x500Name, Date date, Date date2, X500Name x500Name2, PublicKey publicKey) {
        this.serial = bigInteger;
        this.issuer = x500Name;
        this.notBefore = date;
        this.notAfter = date2;
        this.subject = x500Name2;
        this.pubkey = new X509PublicKey(publicKey);
    }

    public void setVersion(int i) {
        this.version = i;
    }

    public void setDateFormat(String str) {
        if (str.equalsIgnoreCase("UTC")) {
            this.dateFormat = 0;
        } else {
            if (!str.equalsIgnoreCase("Generalized")) {
                throw new IllegalArgumentException("only UTC/Generalized supported");
            }
            this.dateFormat = 1;
        }
    }

    public void setExtensions(X509Extensions x509Extensions) {
        if (this.version < 2) {
            this.version = 2;
        }
        this.extensions = x509Extensions;
    }

    public X509Certificate sign(PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        return sign(privateKey, "SHA1withRSA");
    }

    public X509Certificate sign(PrivateKey privateKey, String str) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(str);
        String algorithm = signature.getAlgorithm();
        ObjectIdentifier objectIdentifier = JCAAlgorithm.getObjectIdentifier(algorithm);
        if (objectIdentifier == null) {
            throw new NoSuchAlgorithmException(algorithm);
        }
        X509Algorithm x509Algorithm = new X509Algorithm(objectIdentifier);
        X509CertificateInfo x509CertificateInfo = new X509CertificateInfo(new ASN1Integer(this.version), new ASN1Integer(this.serial), x509Algorithm, this.issuer, this.dateFormat == 0 ? new X509Validity(new ASN1UTCTime(this.notBefore), new ASN1UTCTime(this.notAfter)) : new X509Validity(new ASN1GeneralizedTime(this.notBefore), new ASN1GeneralizedTime(this.notAfter)), this.subject, this.pubkey, this.extensions);
        signature.initSign(privateKey);
        signature.update(x509CertificateInfo.getEncoded());
        return new X509Certificate(x509CertificateInfo, x509Algorithm, signature.sign());
    }
}
