package defpackage;

import java.io.IOException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509ExtensionsGenerator;

/* loaded from: classes2.dex */
public final class lah {
    public ASN1ObjectIdentifier b;
    public AlgorithmIdentifier c;
    public String d;
    public V3TBSCertificateGenerator a = new V3TBSCertificateGenerator();
    public X509ExtensionsGenerator e = new X509ExtensionsGenerator();

    public final X509Certificate a(PrivateKey privateKey, SecureRandom secureRandom) {
        Extension a;
        if (!this.e.b.isEmpty()) {
            V3TBSCertificateGenerator v3TBSCertificateGenerator = this.a;
            X509ExtensionsGenerator x509ExtensionsGenerator = this.e;
            Extensions a2 = Extensions.a(new X509Extensions(x509ExtensionsGenerator.b, x509ExtensionsGenerator.a));
            v3TBSCertificateGenerator.i = a2;
            if (a2 != null && (a = a2.a(Extension.e)) != null && a.G) {
                v3TBSCertificateGenerator.j = true;
            }
        }
        V3TBSCertificateGenerator v3TBSCertificateGenerator2 = this.a;
        if (v3TBSCertificateGenerator2.b == null || v3TBSCertificateGenerator2.c == null || v3TBSCertificateGenerator2.d == null || v3TBSCertificateGenerator2.e == null || v3TBSCertificateGenerator2.f == null || ((v3TBSCertificateGenerator2.g == null && !v3TBSCertificateGenerator2.j) || v3TBSCertificateGenerator2.h == null)) {
            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.a(v3TBSCertificateGenerator2.a);
        aSN1EncodableVector.a(v3TBSCertificateGenerator2.b);
        aSN1EncodableVector.a(v3TBSCertificateGenerator2.c);
        aSN1EncodableVector.a(v3TBSCertificateGenerator2.d);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.a(v3TBSCertificateGenerator2.e);
        aSN1EncodableVector2.a(v3TBSCertificateGenerator2.f);
        aSN1EncodableVector.a(new DERSequence(aSN1EncodableVector2));
        if (v3TBSCertificateGenerator2.g != null) {
            aSN1EncodableVector.a(v3TBSCertificateGenerator2.g);
        } else {
            aSN1EncodableVector.a(new DERSequence());
        }
        aSN1EncodableVector.a(v3TBSCertificateGenerator2.h);
        if (v3TBSCertificateGenerator2.k != null) {
            aSN1EncodableVector.a(new DERTaggedObject(false, 1, v3TBSCertificateGenerator2.k));
        }
        if (v3TBSCertificateGenerator2.l != null) {
            aSN1EncodableVector.a(new DERTaggedObject(false, 2, v3TBSCertificateGenerator2.l));
        }
        if (v3TBSCertificateGenerator2.i != null) {
            aSN1EncodableVector.a(new DERTaggedObject(true, 3, v3TBSCertificateGenerator2.i));
        }
        TBSCertificate a3 = TBSCertificate.a(new DERSequence(aSN1EncodableVector));
        try {
            byte[] a4 = lag.a(this.b, this.d, privateKey, null, a3);
            try {
                ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
                aSN1EncodableVector3.a(a3);
                aSN1EncodableVector3.a(this.c);
                aSN1EncodableVector3.a(new DERBitString(a4));
                ASN1Encodable dERSequence = new DERSequence(aSN1EncodableVector3);
                return new kyu(dERSequence instanceof Certificate ? (Certificate) dERSequence : new Certificate(ASN1Sequence.a(dERSequence)));
            } catch (CertificateParsingException e) {
                throw new laf("exception producing certificate object", e);
            }
        } catch (IOException e2) {
            throw new laf("exception encoding TBS cert", e2);
        }
    }
}
