package org.vesalainen.security.cert;

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.RFC4519Style;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.crypto.util.PrivateKeyFactory;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
import org.vesalainen.lang.Primitives;

/* loaded from: input_file:org/vesalainen/security/cert/X509Generator.class */
public class X509Generator {
    public X509Certificate generateSelfSignedCertificate(String str, KeyPair keyPair, int i, String str2) throws CertificateException {
        return generateCertificate(str, null, keyPair, null, i, str2);
    }

    public X509Certificate generateCertificate(String str, String str2, KeyPair keyPair, PrivateKey privateKey, int i, String str3) throws CertificateException {
        if (privateKey == null) {
            privateKey = keyPair.getPrivate();
        }
        X500Name x500Name = str2 == null ? new X500Name(RFC4519Style.INSTANCE, str) : new X500Name(RFC4519Style.INSTANCE, str2);
        long currentTimeMillis = System.currentTimeMillis();
        return new JcaX509CertificateConverter().getCertificate(new X509v3CertificateBuilder(x500Name, BigInteger.probablePrime(64, new SecureRandom(Primitives.writeLong(currentTimeMillis))), new Date(currentTimeMillis - 86400000), new Date(currentTimeMillis + (i * 86400000)), new X500Name(RFC4519Style.INSTANCE, str), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())).build(createSigner(privateKey, str3)));
    }

    public static ContentSigner createSigner(PrivateKey privateKey, String str) {
        try {
            AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find(str);
            return new BcRSAContentSignerBuilder(find, new DefaultDigestAlgorithmIdentifierFinder().find(find)).build(PrivateKeyFactory.createKey(privateKey.getEncoded()));
        } catch (Exception e) {
            throw new RuntimeException("Could not create content signer.", e);
        }
    }
}
