package bdware.doip.codec.cert;

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.time.Instant;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.cert.X509ExtensionUtils;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:bdware/doip/codec/cert/X509Generator.class */
public class X509Generator {
    private static final String signatureAlgorithm = "1.2.156.10197.1.501";
    static Logger logger = Logger.getLogger(X509Generator.class);
    private static final Date notBefore = Date.from(Instant.parse("2000-01-01T00:00:00Z"));
    private static final Date notAfter = Date.from(Instant.parse("9999-12-31T23:59:59Z"));
    private static String SignAlgor = "1.2.156.10197.1.301";

    public static X509Certificate genSM2CertByRoot(KeyPair keyPair) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        BigInteger bigInteger = BigInteger.ONE;
        keyPair.getPrivate();
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        X500Principal x500Principal = new X500Principal("CN=Test V3 Certificate");
        x509V3CertificateGenerator.setSerialNumber(bigInteger);
        x509V3CertificateGenerator.setNotBefore(notBefore);
        x509V3CertificateGenerator.setNotAfter(notAfter);
        x509V3CertificateGenerator.setSubjectDN(x500Principal);
        x509V3CertificateGenerator.setPublicKey(keyPair.getPublic());
        x509V3CertificateGenerator.setSignatureAlgorithm(signatureAlgorithm);
        return x509V3CertificateGenerator.generate(keyPair.getPrivate(), BouncyCastleProvider.PROVIDER_NAME);
    }

    public static X509Certificate genCert(KeyPair keyPair) {
        new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        Security.addProvider(new BouncyCastleProvider());
        String str = "保存的路径" + ("root" + (new Date().getTime() / 1000)) + ".cer";
        try {
            System.out.println("=====公钥算法=====" + keyPair.getPublic().getAlgorithm());
            BCECPublicKey bCECPublicKey = (BCECPublicKey) keyPair.getPublic();
            X500Principal x500Principal = new X500Principal("CN=小帅丶博客,O=小帅丶博客");
            X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
            x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
            x509V3CertificateGenerator.setIssuerDN(x500Principal);
            x509V3CertificateGenerator.setNotBefore(new Date());
            x509V3CertificateGenerator.setNotAfter(notAfter);
            x509V3CertificateGenerator.setSubjectDN(x500Principal);
            x509V3CertificateGenerator.setSignatureAlgorithm(SignAlgor);
            x509V3CertificateGenerator.setPublicKey(bCECPublicKey);
            new X509ExtensionUtils(new BcDigestCalculatorProvider().get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)));
            x509V3CertificateGenerator.addExtension(Extension.basicConstraints, true, (ASN1Encodable) new BasicConstraints(0));
            return x509V3CertificateGenerator.generate(keyPair.getPrivate(), BouncyCastleProvider.PROVIDER_NAME);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static ContentSigner createSigner(PrivateKey privateKey) throws OperatorCreationException {
        return new JcaContentSignerBuilder("SM3withSM2").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(privateKey);
    }
}
