package org.sufficientlysecure.keychain.pgp;

import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.util.Date;
import java.util.Iterator;
import java.util.Vector;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.DERObjectIdentifier;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.asn1.x509.GeneralName;
import org.spongycastle.asn1.x509.GeneralNames;
import org.spongycastle.asn1.x509.X509Extensions;
import org.spongycastle.asn1.x509.X509Name;
import org.spongycastle.openpgp.PGPException;
import org.spongycastle.openpgp.PGPPrivateKey;
import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.x509.X509V3CertificateGenerator;
import org.spongycastle.x509.extension.AuthorityKeyIdentifierStructure;
import org.spongycastle.x509.extension.SubjectKeyIdentifierStructure;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.util.Log;

/* loaded from: classes.dex */
public class PgpToX509 {
    public static final String DN_COMMON_PART_O = "OpenPGP to X.509 Bridge";
    public static final String DN_COMMON_PART_OU = "OpenPGP Keychain cert";

    /* loaded from: classes.dex */
    public static final class PredefinedPasswordCallbackHandler implements CallbackHandler {
        private char[] password;
        private String prompt;

        public PredefinedPasswordCallbackHandler(String str) {
            this(str == null ? null : str.toCharArray(), (String) null);
        }

        public PredefinedPasswordCallbackHandler(String str, String str2) {
            this(str == null ? null : str.toCharArray(), str2);
        }

        public PredefinedPasswordCallbackHandler(char[] cArr) {
            this(cArr, (String) null);
        }

        public PredefinedPasswordCallbackHandler(char[] cArr, String str) {
            this.password = cArr;
            this.prompt = str;
        }

        protected final Object clone() throws CloneNotSupportedException {
            throw new CloneNotSupportedException();
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (!(callback instanceof PasswordCallback)) {
                    throw new UnsupportedCallbackException(callback, "Unrecognised callback.");
                }
                PasswordCallback passwordCallback = (PasswordCallback) callback;
                if (this.prompt == null || this.prompt.equals(passwordCallback.getPrompt())) {
                    passwordCallback.setPassword(this.password);
                }
            }
        }
    }

    public static X509Certificate createSelfSignedCert(PublicKey publicKey, PrivateKey privateKey, X509Name x509Name, Date date, Date date2, String str) throws InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.reset();
        x509V3CertificateGenerator.setIssuerDN(x509Name);
        x509V3CertificateGenerator.setSubjectDN(x509Name);
        if (date == null) {
            date = new Date(System.currentTimeMillis());
        }
        x509V3CertificateGenerator.setNotBefore(date);
        if (date2 == null) {
            date2 = new Date(date.getTime() + 31536000000L);
            Log.d(Constants.TAG, "end date is=" + DateFormat.getDateInstance().format(date2));
        }
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSerialNumber(BigInteger.ONE);
        x509V3CertificateGenerator.setPublicKey(publicKey);
        String algorithm = publicKey.getAlgorithm();
        if (algorithm.equals("DSA")) {
            x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithDSA");
        } else {
            if (!algorithm.equals("RSA")) {
                RuntimeException runtimeException = new RuntimeException("Algorithm not recognised: " + algorithm);
                Log.e(Constants.TAG, runtimeException.getMessage(), runtimeException);
                throw runtimeException;
            }
            x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSAEncryption");
        }
        x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extensions.BasicConstraints, true, (ASN1Encodable) new BasicConstraints(true));
        x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extensions.SubjectKeyIdentifier, false, (ASN1Encodable) new SubjectKeyIdentifierStructure(publicKey));
        x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extensions.AuthorityKeyIdentifier, false, (ASN1Encodable) new AuthorityKeyIdentifierStructure(publicKey));
        if (str != null) {
            x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extensions.SubjectAlternativeName, false, (ASN1Encodable) new GeneralNames(new GeneralName(6, str)));
        }
        X509Certificate generate = x509V3CertificateGenerator.generate(privateKey);
        generate.verify(publicKey);
        return generate;
    }

    public static X509Certificate createSelfSignedCert(PGPSecretKey pGPSecretKey, PGPPrivateKey pGPPrivateKey, String str) throws PGPException, NoSuchProviderException, InvalidKeyException, NoSuchAlgorithmException, SignatureException, CertificateException {
        PGPPublicKey publicKey = pGPSecretKey.getPublicKey();
        Vector vector = new Vector();
        Vector vector2 = new Vector();
        vector.add(X509Name.O);
        vector2.add(DN_COMMON_PART_O);
        vector.add(X509Name.OU);
        vector2.add(DN_COMMON_PART_OU);
        Iterator userIDs = pGPSecretKey.getUserIDs();
        while (userIDs.hasNext()) {
            userIDs.next();
            vector.add(X509Name.CN);
            vector2.add("CryptoCall");
        }
        Log.d(Constants.TAG, "User attributes: ");
        Iterator userAttributes = pGPSecretKey.getUserAttributes();
        while (userAttributes.hasNext()) {
            Object next = userAttributes.next();
            Log.d(Constants.TAG, " - " + next + " -- " + next.getClass());
        }
        X509Name x509Name = new X509Name(vector, vector2);
        Log.d(Constants.TAG, "Subject DN: " + x509Name);
        Date creationTime = publicKey.getCreationTime();
        Log.d(Constants.TAG, "pgp pub key creation time=" + DateFormat.getDateInstance().format(creationTime));
        Log.d(Constants.TAG, "pgp valid seconds=" + publicKey.getValidSeconds());
        return createSelfSignedCert(publicKey.getKey("SC"), pGPPrivateKey.getKey(), x509Name, creationTime, publicKey.getValidSeconds() > 0 ? new Date(creationTime.getTime() + (1000 * publicKey.getValidSeconds())) : null, str);
    }
}
