package org.jscep.x509;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.spec.RSAPublicKeySpec;
import java.util.Calendar;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.pkcs.CertificationRequest;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.x509.X509V1CertificateGenerator;

/* loaded from: input_file:org/jscep/x509/X509Util.class */
public final class X509Util {
    private X509Util() {
    }

    public static X509Certificate createEphemeralCertificate(X500Principal x500Principal, KeyPair keyPair) throws GeneralSecurityException {
        Calendar calendar = Calendar.getInstance();
        calendar.add(5, -1);
        Date time = calendar.getTime();
        calendar.add(5, 2);
        Date time2 = calendar.getTime();
        X509V1CertificateGenerator x509V1CertificateGenerator = new X509V1CertificateGenerator();
        x509V1CertificateGenerator.setIssuerDN(x500Principal);
        x509V1CertificateGenerator.setNotBefore(time);
        x509V1CertificateGenerator.setNotAfter(time2);
        x509V1CertificateGenerator.setPublicKey(keyPair.getPublic());
        x509V1CertificateGenerator.setSerialNumber(BigInteger.ONE);
        x509V1CertificateGenerator.setSignatureAlgorithm("SHA1with" + keyPair.getPublic().getAlgorithm());
        x509V1CertificateGenerator.setSubjectDN(x500Principal);
        return x509V1CertificateGenerator.generate(keyPair.getPrivate());
    }

    public static X509Name toX509Name(X500Principal x500Principal) {
        try {
            return new X509Name(ASN1Object.fromByteArray(x500Principal.getEncoded()));
        } catch (IOException e) {
            return null;
        }
    }

    public static boolean isSelfSigned(X509Certificate x509Certificate) {
        try {
            x509Certificate.verify(x509Certificate.getPublicKey());
            return true;
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    public static IssuerAndSerialNumber toIssuerAndSerialNumber(X509Certificate x509Certificate) {
        return new IssuerAndSerialNumber(toX509Name(x509Certificate.getIssuerX500Principal()), x509Certificate.getSerialNumber());
    }

    public static PublicKey getPublicKey(CertificationRequest certificationRequest) throws IOException {
        RSAKeyParameters createKey = PublicKeyFactory.createKey(certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo());
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(createKey.getModulus(), createKey.getExponent()));
        } catch (Exception e) {
            throw new IOException(e);
        }
    }
}
