package com.qianbao.common.util;

import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAKey;
import java.util.Date;
import java.util.Hashtable;
import java.util.Random;
import java.util.Vector;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PEMWriter;
import org.bouncycastle.x509.X509V1CertificateGenerator;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:target/loan_util_api-0.0.5-SNAPSHOT.jar:com/qianbao/common/util/X509CertificateUtil.class */
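/**
 * Issues a self-signed root certificate and client certificates with the legacy BouncyCastle
 * certificate generators, and reads/writes certificates as PEM files.
 *
 * <p>Security-relevant properties of this class:
 * <ul>
 *   <li>Certificates are signed with SHA-256/RSA. The previous MD5/RSA signatures are
 *       collision-prone and are rejected by current certificate path validators.</li>
 *   <li>Client serial numbers come from {@link SecureRandom}, so they are not predictable.</li>
 *   <li>The root certificate is still a version-1 certificate with a fixed serial number and the
 *       hard-coded DN {@code DEFAULT_CA_ROOT_DN}; see {@link #generateCaRootCertificate}.</li>
 *   <li>Reading a PEM file only parses it. Nothing in this class verifies a signature, a
 *       validity period or a chain; callers must do that before trusting a certificate.</li>
 * </ul>
 */
public class X509CertificateUtil {
    private static final String DEFAULT_CA_ROOT_DN = "C=CN, L=北京, O=中融金（北京）科技有限公司, OU=北京公司";

    /**
     * Signature algorithm for every certificate issued here. MD5 must not be used for
     * certificate signatures: two different certificate bodies can be made to share one MD5
     * digest, which lets a signature be transplanted onto a certificate the CA never approved.
     */
    private static final String SIGNATURE_ALGORITHM = "SHA256WithRSAEncryption";

    private static final long DAY_MILLIS = 24L * 60L * 60L * 1000L;
    private static final long YEAR_MILLIS = 365L * DAY_MILLIS;

    private static final Provider provider = new BouncyCastleProvider();

    /** Source of client serial numbers; a CSPRNG so that issued serials cannot be guessed. */
    private static final SecureRandom serialNumberGenerator = new SecureRandom();

    /* loaded from: input_file:target/loan_util_api-0.0.5-SNAPSHOT.jar:com/qianbao/common/util/X509CertificateUtil$SimpleSubjectDN.class */
    /**
     * Subject attributes for a client certificate.
     *
     * <p>The defaults name one specific person and mailbox. A caller that leaves a field
     * untouched issues a certificate asserting that identity, so every field should be set
     * explicitly before the object is passed to {@link #generateClientCertificate}.
     */
    public static class SimpleSubjectDN {
        public String country = "CN";
        public String location = "北京";
        public String company = "中融金（北京）科技有限公司";
        public String username = "赵俊飞";
        public String email = "zhaojf@qianbao.com";
    }

    static {
        // The generators below look the provider up by its name ("BC"), so it must be registered.
        Security.addProvider(provider);
    }

    /**
     * Creates a self-signed root certificate whose subject and issuer are both
     * {@code DEFAULT_CA_ROOT_DN}.
     *
     * <p>Review notes for operators:
     * <ul>
     *   <li>The certificate is X.509 version 1 and therefore carries no extensions (no
     *       basicConstraints, no keyUsage). NOTE(review): validators differ in how they treat a
     *       v1 issuer; consider a v3 root with basicConstraints CA=true.</li>
     *   <li>The serial number is the constant 82990590, so every root generated here shares the
     *       same issuer and serial. Regenerating the root yields a different certificate that
     *       cannot be told apart by issuer/serial.</li>
     *   <li>Validity starts ten years in the past and ends one year from now, while client
     *       certificates from {@link #generateClientCertificate} run for ten years, i.e. past
     *       the expiry of the root that issued them.</li>
     * </ul>
     *
     * @param publicKey  key placed in the certificate
     * @param privateKey key that signs the certificate; for a valid self-signed root it must be
     *                   the private half of {@code publicKey}
     * @return the generated certificate
     * @throws RuntimeException wrapping any failure reported by the generator
     */
    public static X509Certificate generateCaRootCertificate(PublicKey publicKey, PrivateKey privateKey) {
        long now = System.currentTimeMillis();
        X509V1CertificateGenerator generator = new X509V1CertificateGenerator();
        generator.setSerialNumber(BigInteger.valueOf(82990590L));
        generator.setIssuerDN(new X509Principal(DEFAULT_CA_ROOT_DN));
        generator.setNotBefore(new Date(now - 10L * YEAR_MILLIS));
        generator.setNotAfter(new Date(now + YEAR_MILLIS));
        generator.setSubjectDN(new X509Principal(DEFAULT_CA_ROOT_DN));
        generator.setPublicKey(publicKey);
        generator.setSignatureAlgorithm(SIGNATURE_ALGORITHM);
        try {
            return generator.generate(privateKey, "BC");
        } catch (IllegalStateException | InvalidKeyException | NoSuchAlgorithmException
                | NoSuchProviderException | SignatureException | CertificateEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Issues a version-3 client certificate for {@code publicKey}, naming
     * {@code DEFAULT_CA_ROOT_DN} as issuer.
     *
     * <p>The issuer DN is fixed regardless of which key signs, so {@code privateKey} must be the
     * private key of the root certificate; otherwise the result will not chain to that root.
     * No extensions are added, so the certificate does not restrict what the key may be used
     * for. NOTE(review): add basicConstraints CA=false and a key usage if relying parties
     * enforce them. Subject values are copied from {@code simpleSubjectDN} without validation;
     * check them upstream when they originate from user input.
     *
     * @param publicKey       key placed in the certificate
     * @param privateKey      issuing (CA) private key used to sign
     * @param simpleSubjectDN subject attributes; no field may be {@code null}
     * @return the generated certificate
     * @throws NullPointerException if {@code simpleSubjectDN} or one of its fields is null
     * @throws RuntimeException     wrapping any failure reported by the generator
     */
    public static X509Certificate generateClientCertificate(PublicKey publicKey, PrivateKey privateKey, SimpleSubjectDN simpleSubjectDN) {
        Hashtable<Object, String> attributes = new Hashtable<Object, String>();
        Vector<Object> ordering = new Vector<Object>();
        attributes.put(X509Principal.C, simpleSubjectDN.country);
        attributes.put(X509Principal.O, simpleSubjectDN.company);
        attributes.put(X509Principal.L, simpleSubjectDN.location);
        attributes.put(X509Principal.CN, simpleSubjectDN.username);
        attributes.put(X509Principal.EmailAddress, simpleSubjectDN.email);
        // The vector fixes the order in which the attributes appear in the encoded subject.
        ordering.addElement(X509Principal.C);
        ordering.addElement(X509Principal.O);
        ordering.addElement(X509Principal.L);
        ordering.addElement(X509Principal.CN);
        ordering.addElement(X509Principal.EmailAddress);

        X509V3CertificateGenerator generator = new X509V3CertificateGenerator();
        generator.reset();

        // 16 bytes from the CSPRNG; the first byte is cleared so the two's-complement value is
        // non-negative, which leaves 120 random bits in the serial number.
        byte[] serialBytes = new byte[16];
        serialNumberGenerator.nextBytes(serialBytes);
        serialBytes[0] = 0;
        generator.setSerialNumber(new BigInteger(serialBytes));

        long now = System.currentTimeMillis();
        generator.setIssuerDN(new X509Principal(DEFAULT_CA_ROOT_DN));
        // Back-dated by 30 days; valid for ten years. There is no revocation support in this
        // class, so a leaked client key stays usable until the certificate expires.
        generator.setNotBefore(new Date(now - 30L * DAY_MILLIS));
        generator.setNotAfter(new Date(now + 10L * YEAR_MILLIS));
        generator.setSubjectDN(new X509Principal(ordering, attributes));
        generator.setPublicKey(publicKey);
        generator.setSignatureAlgorithm(SIGNATURE_ALGORITHM);
        try {
            return generator.generate(privateKey, "BC");
        } catch (IllegalStateException | SecurityException | InvalidKeyException
                | NoSuchAlgorithmException | NoSuchProviderException | SignatureException
                | CertificateEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Writes {@code x509Certificate} to {@code file} in PEM form, creating the file or
     * replacing its previous content.
     *
     * @param x509Certificate certificate to serialise
     * @param file            destination; its parent directory must already exist
     * @throws RuntimeException wrapping the {@link IOException} if opening, writing or closing
     *                          the file fails
     */
    public static void writeCertificateToPemFile(X509Certificate x509Certificate, File file) {
        // FileWriter creates a missing file itself, so no separate exists()/createNewFile() step
        // is needed; that also removes the gap between the check and the open.
        try (PEMWriter pemWriter = new PEMWriter(new FileWriter(file))) {
            pemWriter.writeObject(x509Certificate);
            pemWriter.flush();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Parses the first PEM object in {@code file} as an X.509 certificate.
     *
     * <p>This only decodes the file. The returned certificate is not verified in any way (no
     * signature, validity-period or chain check), so it must not be treated as trusted just
     * because it was read successfully. NOTE(review): the result is presumably {@code null}
     * when the file contains no PEM object; confirm against the BouncyCastle version in use.
     *
     * @param file PEM file to read
     * @return the decoded certificate
     * @throws RuntimeException if the file does not exist (cause: {@link IllegalArgumentException}),
     *                          cannot be read, or holds a PEM object that is not a certificate
     *                          (cause: {@link ClassCastException})
     */
    public static X509Certificate readCertificateFromPemFile(File file) {
        try {
            if (!file.exists()) {
                throw new IllegalArgumentException("pem文件不存在");
            }
            // try-with-resources closes the reader on every path; previously a failed parse
            // left the underlying file handle open.
            try (PEMReader pemReader = new PEMReader(new FileReader(file))) {
                return (X509Certificate) pemReader.readObject();
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Manual smoke test for the RSA helpers.
     *
     * <p>SECURITY: the second hex literal below is a PKCS#8-encoded 1024-bit RSA private key
     * (the first is the matching SubjectPublicKeyInfo). Because it ships inside the jar it is
     * public knowledge and must never sign or protect anything outside this demo; test keys
     * belong in test resources, not in production code. 1024-bit RSA is also below current
     * minimum key-size recommendations.
     */
    public static void main(String[] strArr) {
        // The generated pair is discarded; only the embedded demo key below is exercised.
        RSAUtil.generateKeyPair(1024);
        byte[] base16decode = ByteArrayUtil.base16decode("30819F300D06092A864886F70D010101050003818D0030818902818100B3A973E779C47BE72598A963893ECEB592BCD18F2C479F87326B4E90A531E9BEF56A61312B9D4AEF68296169F64193122D7B24E54A1BA22EA03516AA06D8F1DAFC5C831E05457895397730E3C0F84C146CAE8735C1F851D844CF205C3553C7A1133BC9B8D5BB9537A9E5348DF6F93ECE3E4174E8FCAD72C94E294C79BC1E368D0203010001");
        byte[] base16decode2 = ByteArrayUtil.base16decode("30820276020100300D06092A864886F70D0101010500048202603082025C02010002818100B3A973E779C47BE72598A963893ECEB592BCD18F2C479F87326B4E90A531E9BEF56A61312B9D4AEF68296169F64193122D7B24E54A1BA22EA03516AA06D8F1DAFC5C831E05457895397730E3C0F84C146CAE8735C1F851D844CF205C3553C7A1133BC9B8D5BB9537A9E5348DF6F93ECE3E4174E8FCAD72C94E294C79BC1E368D020301000102818001857ED8C7FC34FC692218D521F56934BA7064E9EC7B12CBC74E8754CC4156F46A09A39712027BFEF907D8AE580A881F504949AFB367F680A494AE837419643AEDD713431742D62CFA01D700575DC1BA50D20CABDFAA9C6E2AD7D87775E72875B3783C74E2F4F75546D7B3A93473AF988A74AB4A2EE30ABDDA973EB8DCAD4095024100FDCC6A8893C52A7C2172133BA5BD711D98FCE68B189CDF28FBA405C8496F52DA5FE2AD6560646709D4C5A82CCA65DA083F9A0A81FA7AE26E88425DFD5B50740B024100B53868C4402DFFC50F5737675C38F78768F95B834C6B8C280296E5643DB629A7D42068D6BA22EC916247722177CFCBFDC896ED77FE6751ABCD3C94F3A92B46C702401E94F82D56E9063288F12F021BF994DCC5278C3C2C8E1291E4A8A20DBD538DBF449892DE495C2FD24E7236CE96E0E901DF70175E0C29AC89372010254C50887B024100ACEF98E2F7502E4D92972B73028A06857D42C0F6EA5D9391B6EEE317A6E0889DF50BBCA0755ED09CE8C9BF7B7AC79D26A15E8E5D3D34C1B68E93EA9D1FEA018F02404AFEAC9FF92F99D39A4D2BF124CD52C30C9019E2C63105AB5432FB410B265E08EE2AA445E139D2F3174D18F870CFAFD20D7A0093782B1B7BCE8EEEFB1999C5F8");
        RSAKey publicKey = RSAUtil.getPublicKey(base16decode);
        // NOTE(review): the data is transformed with the private key and recovered with the
        // public key, so anyone holding the public key can read it. That is not confidentiality;
        // confirm what RSAUtil.encryptData is meant to provide before reusing this pattern.
        byte[] encryptData = RSAUtil.encryptData(RSAUtil.getPrivateKey(base16decode2), "zhaojf".getBytes());
        System.out.println(ByteArrayUtil.base16(encryptData));
        System.out.println(new String(RSAUtil.decryptData(publicKey, encryptData)));
    }
}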
