package org.intermine.web.security;

import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import net.sf.ehcache.concurrent.Sync;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:WEB-INF/classes/org/intermine/web/security/KeySigner.class */
public class KeySigner {
    public static final String DEFAULT_ALGORITHM = "SHA256withRSA";
    private PrivateKey signingKey;
    private String issuer;
    private int days;
    private String algorithm;

    /* loaded from: input_file:WEB-INF/classes/org/intermine/web/security/KeySigner$SigningException.class */
    public final class SigningException extends Exception {
        private SigningException(Throwable th) {
            super(th);
        }

        private SigningException(String str, Throwable th) {
            super(str, th);
        }
    }

    public KeySigner(PrivateKey privateKey, String str, int i, String str2) {
        this.signingKey = privateKey;
        this.issuer = str;
        this.days = i;
        this.algorithm = str2;
    }

    public X509Certificate generateCertificate(String str, PublicKey publicKey) throws SigningException {
        Security.addProvider(new BouncyCastleProvider());
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(1L));
        x509V3CertificateGenerator.setSubjectDN(new X509Principal("CN=" + str));
        x509V3CertificateGenerator.setIssuerDN(new X509Principal(this.issuer));
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.setNotBefore(new Date());
        x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + (Sync.ONE_DAY * this.days)));
        x509V3CertificateGenerator.setSignatureAlgorithm(this.algorithm);
        try {
            return x509V3CertificateGenerator.generate(this.signingKey, "BC");
        } catch (IllegalStateException e) {
            throw new SigningException(e);
        } catch (InvalidKeyException e2) {
            throw new SigningException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new SigningException("Unknown algorithm", e3);
        } catch (NoSuchProviderException e4) {
            throw new SigningException(e4);
        } catch (SignatureException e5) {
            throw new SigningException(e5);
        } catch (CertificateEncodingException e6) {
            throw new SigningException(e6);
        }
    }
}
