package okhttp3.internal.tls;

import defpackage.hv0;
import defpackage.ku0;
import defpackage.os0;
import defpackage.ou0;
import defpackage.qq0;
import defpackage.ts0;
import defpackage.vu0;
import defpackage.zv0;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import okhttp3.internal.Util;

/* loaded from: classes.dex */
public final class HeldCertificate {
    public final X509Certificate certificate;
    public final KeyPair keyPair;

    /* loaded from: classes.dex */
    public static final class Builder {
        public String hostname;
        public HeldCertificate issuedBy;
        public KeyPair keyPair;
        public int maxIntermediateCas;
        public final long duration = 86400000;
        public List<String> altNames = new ArrayList();
        public String serialNumber = "1";

        static {
            Security.addProvider(new hv0());
        }

        public HeldCertificate build() throws GeneralSecurityException {
            KeyPair keyPair;
            X500Principal x500Principal;
            KeyPair keyPair2 = this.keyPair;
            if (keyPair2 == null) {
                keyPair2 = generateKeyPair();
            }
            X500Principal x500Principal2 = this.hostname != null ? new X500Principal("CN=" + this.hostname) : new X500Principal("CN=" + UUID.randomUUID());
            HeldCertificate heldCertificate = this.issuedBy;
            if (heldCertificate != null) {
                keyPair = heldCertificate.keyPair;
                x500Principal = heldCertificate.certificate.getSubjectX500Principal();
            } else {
                keyPair = keyPair2;
                x500Principal = x500Principal2;
            }
            long currentTimeMillis = System.currentTimeMillis();
            zv0 zv0Var = new zv0();
            zv0Var.a(new BigInteger(this.serialNumber));
            zv0Var.a(x500Principal);
            zv0Var.b(new Date(currentTimeMillis));
            zv0Var.a(new Date(currentTimeMillis + 86400000));
            zv0Var.b(x500Principal2);
            zv0Var.a(keyPair2.getPublic());
            zv0Var.a("SHA256WithRSAEncryption");
            int i = this.maxIntermediateCas;
            if (i > 0) {
                zv0Var.a((os0) vu0.f, true, (qq0) new ku0(i));
            }
            if (!this.altNames.isEmpty()) {
                qq0[] qq0VarArr = new qq0[this.altNames.size()];
                int size = this.altNames.size();
                for (int i2 = 0; i2 < size; i2++) {
                    String str = this.altNames.get(i2);
                    qq0VarArr[i2] = new ou0(Util.verifyAsIpAddress(str) ? 7 : 2, str);
                }
                zv0Var.a((os0) vu0.e, true, (qq0) new ts0(qq0VarArr));
            }
            return new HeldCertificate(zv0Var.a(keyPair.getPrivate(), "BC"), keyPair2);
        }

        public Builder ca(int i) {
            this.maxIntermediateCas = i;
            return this;
        }

        public Builder commonName(String str) {
            this.hostname = str;
            return this;
        }

        public KeyPair generateKeyPair() throws GeneralSecurityException {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
            keyPairGenerator.initialize(1024, new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        }

        public Builder issuedBy(HeldCertificate heldCertificate) {
            this.issuedBy = heldCertificate;
            return this;
        }

        public Builder keyPair(KeyPair keyPair) {
            this.keyPair = keyPair;
            return this;
        }

        public Builder serialNumber(String str) {
            this.serialNumber = str;
            return this;
        }

        public Builder subjectAlternativeName(String str) {
            this.altNames.add(str);
            return this;
        }
    }

    public HeldCertificate(X509Certificate x509Certificate, KeyPair keyPair) {
        this.certificate = x509Certificate;
        this.keyPair = keyPair;
    }
}
