package org.picketbox.keystore.util;

import java.io.IOException;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v1CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.util.PrivateKeyFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMWriter;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
import org.bouncycastle.util.io.pem.PemObject;

/* loaded from: input_file:org/picketbox/keystore/util/CertificateUtil.class */
public class CertificateUtil {
    private static SecureRandom random = new SecureRandom();

    public Certificate createX509V1Certificate(KeyPair keyPair, int i, String str) throws CertificateException {
        try {
            AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
            AlgorithmIdentifier find2 = new DefaultDigestAlgorithmIdentifierFinder().find(find);
            AsymmetricKeyParameter createKey = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
            SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
            ContentSigner build = new BcRSAContentSignerBuilder(find, find2).build(createKey);
            Date date = new Date(System.currentTimeMillis() - 86400000);
            Date date2 = new Date(System.currentTimeMillis() + (i * 24 * 60 * 60 * 1000));
            X500Name x500Name = new X500Name(str);
            return new JcaX509CertificateConverter().setProvider("BC").getCertificate(new X509v1CertificateBuilder(x500Name, createSerialNumber(), date, date2, x500Name, subjectPublicKeyInfo).build(build));
        } catch (CertificateException e) {
            throw e;
        } catch (Exception e2) {
            throw new CertificateException(e2);
        }
    }

    public byte[] createCSR(String str, KeyPair keyPair) throws CertificateException {
        X500Name x500Name = new X500Name(str);
        try {
            AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
            AlgorithmIdentifier find2 = new DefaultDigestAlgorithmIdentifierFinder().find(find);
            return new PKCS10CertificationRequestBuilder(x500Name, SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())).build(new BcRSAContentSignerBuilder(find, find2).build(PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded()))).getEncoded();
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }

    public String getPEM(byte[] bArr) throws IOException {
        PemObject pemObject = new PemObject("CERTIFICATE REQUEST", bArr);
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        pEMWriter.writeObject(pemObject);
        pEMWriter.close();
        stringWriter.close();
        return stringWriter.toString();
    }

    public KeyPair generateKeyPair(String str) throws GeneralSecurityException {
        return KeyPairGenerator.getInstance(str).genKeyPair();
    }

    public BigInteger createSerialNumber() throws GeneralSecurityException {
        return new BigInteger(4, random);
    }

    static {
        SecurityActions.addProvider(new BouncyCastleProvider());
    }
}
