package com.ibm.security.x509;

import com.ibm.misc.Debug;
import com.ibm.security.pkcs10.CertificationRequest;
import com.ibm.security.pkcs10.CertificationRequestInfo;
import com.ibm.security.pkcsutil.PKCSException;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Date;

/* loaded from: input_file:efixes/PQ88647_win/components/prereq.jdk/update.jar:/java/jre/lib/security.jar:com/ibm/security/x509/CertAndKeyGen.class */
public final class CertAndKeyGen {
    private SecureRandom prng;
    private String sigAlg;
    private KeyPairGenerator keyGen;
    private PublicKey publicKey;
    private PrivateKey privateKey;
    private String provider;
    private static Debug debug = Debug.getInstance("ibmpkcs");
    private static String className = "com.ibm.security.x509.CertAndKeyGen";

    public CertAndKeyGen(String str, String str2) throws NoSuchAlgorithmException {
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, className, "CertAndKeyGen", str, str2);
        }
        this.keyGen = KeyPairGenerator.getInstance(str);
        this.sigAlg = str2;
        if (debug != null) {
            debug.exit(16384L, className, "CertAndKeyGen");
        }
    }

    public CertAndKeyGen(String str, String str2, String str3) throws NoSuchAlgorithmException, NoSuchProviderException {
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, (Object) className, "CertAndKeyGen", new Object[]{str, str2, str3});
        }
        if (str3 != null) {
            this.provider = new String(str3);
            this.keyGen = KeyPairGenerator.getInstance(str, str3);
        } else {
            this.keyGen = KeyPairGenerator.getInstance(str);
        }
        this.sigAlg = str2;
        if (debug != null) {
            debug.exit(16384L, className, "CertAndKeyGen");
        }
    }

    public void generate(int i) throws InvalidKeyException {
        if (debug != null) {
            debug.entry(16384L, className, "generate", new Integer(i));
        }
        try {
            if (this.prng == null) {
                this.prng = new SecureRandom();
            }
            this.keyGen.initialize(i, this.prng);
            KeyPair generateKeyPair = this.keyGen.generateKeyPair();
            this.publicKey = generateKeyPair.getPublic();
            this.privateKey = generateKeyPair.getPrivate();
            if (debug != null) {
                debug.exit(16384L, className, "generate");
            }
        } catch (Exception e) {
            if (debug != null) {
                debug.exception(16384L, className, "generate", e);
            }
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public void generate(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidKeyException {
        if (debug != null) {
            debug.entry(16384L, className, "generate", algorithmParameterSpec);
        }
        try {
            if (this.prng == null) {
                this.prng = new SecureRandom();
            }
            this.keyGen.initialize(algorithmParameterSpec, this.prng);
            KeyPair generateKeyPair = this.keyGen.generateKeyPair();
            this.publicKey = generateKeyPair.getPublic();
            this.privateKey = generateKeyPair.getPrivate();
            if (debug != null) {
                debug.exit(16384L, className, "generate");
            }
        } catch (Exception e) {
            if (debug != null) {
                debug.exception(16384L, className, "generate", e);
            }
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public CertificationRequest getCertRequest(X500Name x500Name) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        if (debug != null) {
            debug.entry(16384L, className, "getCertRequest", x500Name);
        }
        try {
            CertificationRequest sign = new CertificationRequest(new CertificationRequestInfo(x500Name, this.publicKey, null, this.provider), this.provider).sign(this.sigAlg, this.privateKey);
            if (debug != null) {
                debug.exit(16384L, className, "getCertRequest", sign);
            }
            return sign;
        } catch (PKCSException e) {
            if (debug != null) {
                debug.exception(16384L, className, "getCertRequest", e);
            }
            throw new SignatureException(new StringBuffer(String.valueOf(this.sigAlg)).append(" PKCSException").toString());
        }
    }

    public KeyPairGenerator getKeyPairGenerator() {
        if (debug != null) {
            debug.entry(16384L, className, "getKeyPairGenerator");
            debug.exit(16384L, className, "getKeyPairGenerator", this.keyGen);
        }
        return this.keyGen;
    }

    public PrivateKey getPrivateKey() {
        if (debug != null) {
            debug.entry(16384L, className, "getPrivateKey");
            debug.exit(16384L, className, "getPrivateKey", this.privateKey);
        }
        return this.privateKey;
    }

    public X509Key getPublicKey() {
        if (debug != null) {
            debug.entry(16384L, className, "getPublicKey");
        }
        if (this.publicKey instanceof X509Key) {
            if (debug != null) {
                debug.exit(16384L, className, "getPublicKey_2", (X509Key) this.publicKey);
            }
            return (X509Key) this.publicKey;
        }
        if (debug == null) {
            return null;
        }
        debug.exit(16384L, className, "getPublicKey_1", (Object) null);
        return null;
    }

    public X509Certificate getSelfCertificate(X500Name x500Name, long j) throws CertificateException, InvalidKeyException, SignatureException, NoSuchAlgorithmException, NoSuchProviderException {
        if (debug != null) {
            debug.entry(16384L, className, "getSelfCertificate", x500Name, new Long(j));
            debug.exit(16384L, className, "getSelfCertificate", getSelfCertificate(x500Name, j, 2));
        }
        return getSelfCertificate(x500Name, j, 2);
    }

    public X509Certificate getSelfCertificate(X500Name x500Name, long j, int i) throws CertificateException, InvalidKeyException, SignatureException, NoSuchAlgorithmException, NoSuchProviderException {
        try {
            if (debug != null) {
                debug.entry(16384L, (Object) className, "getSelfCertificate", new Object[]{x500Name, new Long(j), new Integer(i)});
            }
            X500Signer signer = getSigner(x500Name);
            Date date = new Date();
            Date date2 = new Date();
            date2.setTime(date2.getTime() + (j * 1000));
            CertificateValidity certificateValidity = new CertificateValidity(date, date2);
            X509CertInfo x509CertInfo = new X509CertInfo();
            if (i == 0 || i == 1 || i == 2) {
                x509CertInfo.set("version", new CertificateVersion(i));
            } else {
                x509CertInfo.set("version", new CertificateVersion(2));
            }
            x509CertInfo.set("serialNumber", new CertificateSerialNumber((int) (date.getTime() / 1000)));
            x509CertInfo.set("algorithmID", new CertificateAlgorithmId(signer.getAlgorithmId()));
            x509CertInfo.set("subject", new CertificateSubjectName(x500Name));
            x509CertInfo.set("key", new CertificateX509Key(this.publicKey));
            x509CertInfo.set("validity", certificateValidity);
            x509CertInfo.set("issuer", new CertificateIssuerName(signer.getSigner()));
            X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
            if (this.provider == null) {
                x509CertImpl.sign(this.privateKey, this.sigAlg);
            } else {
                x509CertImpl.sign(this.privateKey, this.sigAlg, this.provider);
            }
            if (debug != null) {
                debug.exit(16384L, className, "getSelfCertificate", x509CertImpl);
            }
            return x509CertImpl;
        } catch (IOException e) {
            if (debug != null) {
                debug.exception(16384L, className, "getSelfCertificate", e);
            }
            throw new CertificateEncodingException(new StringBuffer("getSelfCert: ").append(e.getMessage()).toString());
        }
    }

    private X500Signer getSigner(X500Name x500Name) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException {
        if (debug != null) {
            debug.entry(16384L, className, "getSigner", x500Name);
        }
        Signature signature = this.provider != null ? Signature.getInstance(this.sigAlg, this.provider) : Signature.getInstance(this.sigAlg);
        signature.initSign(this.privateKey);
        if (debug != null) {
            debug.exit(16384L, className, "getSigner", new X500Signer(signature, x500Name));
        }
        return new X500Signer(signature, x500Name);
    }

    public Key newGetPublicKey() {
        if (debug != null) {
            debug.entry(16384L, className, "newGetPublicKey");
            debug.exit(16384L, className, "newGetPublicKey", this.publicKey);
        }
        return this.publicKey;
    }

    public void setRandom(SecureRandom secureRandom) {
        if (debug != null) {
            debug.entry(16384L, className, "setRandom", secureRandom);
            debug.exit(16384L, className, "setRandom");
        }
        this.prng = secureRandom;
    }
}
