package defpackage;

import iaik.asn1.ObjectID;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.DistributionPoint;
import iaik.asn1.structures.GeneralName;
import iaik.asn1.structures.GeneralNames;
import iaik.asn1.structures.GeneralSubtree;
import iaik.asn1.structures.Name;
import iaik.asn1.structures.PolicyInformation;
import iaik.asn1.structures.PolicyMapping;
import iaik.asn1.structures.PolicyQualifierInfo;
import iaik.security.provider.IAIK;
import iaik.security.rsa.RSAPrivateKey;
import iaik.utils.KeyAndCertificate;
import iaik.x509.V3Extension;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionException;
import iaik.x509.extensions.AuthorityKeyIdentifier;
import iaik.x509.extensions.BasicConstraints;
import iaik.x509.extensions.CRLDistributionPoints;
import iaik.x509.extensions.CertificatePolicies;
import iaik.x509.extensions.IssuerAltName;
import iaik.x509.extensions.KeyUsage;
import iaik.x509.extensions.NameConstraints;
import iaik.x509.extensions.PolicyConstraints;
import iaik.x509.extensions.PolicyMappings;
import iaik.x509.extensions.PrivateKeyUsagePeriod;
import iaik.x509.extensions.SubjectAltName;
import iaik.x509.extensions.SubjectKeyIdentifier;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Vector;

/* loaded from: input_file:CertificateExtensions.class */
public class CertificateExtensions {
    public X509Certificate createCertificate(Name name, PublicKey publicKey, Name name2, PrivateKey privateKey, AlgorithmID algorithmID, String str, int i, V3Extension[] v3ExtensionArr) throws IOException, CertificateException {
        X509Certificate x509Certificate = new X509Certificate();
        x509Certificate.setSerialNumber(BigInteger.valueOf(i));
        x509Certificate.setSubjectDN(name);
        try {
            x509Certificate.setPublicKey(publicKey);
            x509Certificate.setIssuerDN(name2);
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            x509Certificate.setValidNotBefore(gregorianCalendar.getTime());
            gregorianCalendar.add(1, 1);
            x509Certificate.setValidNotAfter(gregorianCalendar.getTime());
            if (v3ExtensionArr != null) {
                for (V3Extension v3Extension : v3ExtensionArr) {
                    x509Certificate.addExtension(v3Extension);
                }
            }
            x509Certificate.sign(algorithmID, privateKey);
            if (str != null) {
                x509Certificate.writeTo(new FileOutputStream(str));
            }
            return x509Certificate;
        } catch (X509ExtensionException e) {
            throw new CertificateException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new CertificateException(e2.toString());
        } catch (NoSuchAlgorithmException e3) {
            throw new CertificateException(e3.toString());
        }
    }

    public boolean start() {
        try {
            Vector vector = new Vector();
            KeyAndCertificate keyAndCertificate = new KeyAndCertificate("test/caRSA.pem");
            keyAndCertificate.getCertificateChain();
            RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) keyAndCertificate.getPrivateKey();
            ObjectID objectID = new ObjectID("1.2.3.4.5", "iaikTest");
            ObjectID objectID2 = new ObjectID("1.2.3.4.5.1", "iaikPolicy1");
            ObjectID objectID3 = new ObjectID("1.2.3.4.5.2", "iaikPolicy2");
            Name name = new Name();
            name.addRDN(ObjectID.country, "AT");
            name.addRDN(ObjectID.locality, "Graz");
            name.addRDN(ObjectID.organization, "UT Graz");
            name.addRDN(ObjectID.organizationalUnit, "IAIK");
            name.addRDN(ObjectID.commonName, "Joe Testuser");
            AuthorityKeyIdentifier authorityKeyIdentifier = new AuthorityKeyIdentifier();
            authorityKeyIdentifier.setKeyIdentifier(new byte[]{9, 8, 7, 6, 5, 4, 3, 2, 1});
            authorityKeyIdentifier.setAuthorityCertIssuer(new GeneralNames(new GeneralName(GeneralName.uniformResourceIdentifier, "http://ca.test.com/")));
            authorityKeyIdentifier.setAuthorityCertSerialNumber(new BigInteger("235123512365215"));
            vector.addElement(authorityKeyIdentifier);
            BasicConstraints basicConstraints = new BasicConstraints(true, 1);
            basicConstraints.setCritical(true);
            vector.addElement(basicConstraints);
            vector.addElement(new CertificatePolicies(new PolicyInformation[]{new PolicyInformation(objectID, new PolicyQualifierInfo[]{new PolicyQualifierInfo("IAIK", new int[]{12, 35}, "Only a Test!")})}));
            Name name2 = new Name();
            name2.addRDN(ObjectID.country, "AT");
            name2.addRDN(ObjectID.locality, "Graz");
            name2.addRDN(ObjectID.organization, "UT Graz");
            name2.addRDN(ObjectID.organizationalUnit, "IAIK");
            name2.addRDN(ObjectID.commonName, "http://ca.iaik.com/");
            vector.addElement(new CRLDistributionPoints(new DistributionPoint(name2)));
            GeneralNames generalNames = new GeneralNames();
            generalNames.addName(new GeneralName(GeneralName.uniformResourceIdentifier, "http://www.test.com/"));
            vector.addElement(new IssuerAltName(generalNames));
            vector.addElement(new KeyUsage(111));
            NameConstraints nameConstraints = new NameConstraints();
            GeneralSubtree generalSubtree = new GeneralSubtree(new GeneralName(GeneralName.rfc822Name, "*.tu-graz.ac.at"));
            generalSubtree.setMinimum(1);
            generalSubtree.setMaximum(3);
            nameConstraints.setPermittedSubtrees(new GeneralSubtree[]{generalSubtree});
            vector.addElement(nameConstraints);
            PolicyConstraints policyConstraints = new PolicyConstraints();
            policyConstraints.setRequireExplicitPolicy(3);
            policyConstraints.setInhibitExplicitPolicy(7);
            vector.addElement(policyConstraints);
            PolicyMappings policyMappings = new PolicyMappings();
            policyMappings.addMapping(new PolicyMapping(objectID2, objectID3));
            vector.addElement(policyMappings);
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            gregorianCalendar.add(1, 1);
            vector.addElement(new PrivateKeyUsagePeriod(new Date(), gregorianCalendar.getTime()));
            GeneralNames generalNames2 = new GeneralNames();
            generalNames2.addName(new GeneralName(GeneralName.iPAddress, "127.0.0.1"));
            vector.addElement(new SubjectAltName(generalNames2));
            vector.addElement(new SubjectKeyIdentifier(new byte[]{1, 2, 3, 4, 5, 6, 7, 8, 9}));
            V3Extension[] v3ExtensionArr = new V3Extension[vector.size()];
            vector.copyInto(v3ExtensionArr);
            System.out.println(new X509Certificate(createCertificate(name, rSAPrivateKey.getPublicKey(), name, rSAPrivateKey, AlgorithmID.md5WithRSAEncryption, null, 1234, v3ExtensionArr).toByteArray()).toString(true));
            return true;
        } catch (IOException e) {
            System.out.println(new StringBuffer("IOException: ").append(e.getMessage()).toString());
            return false;
        } catch (CertificateException e2) {
            System.out.println(new StringBuffer("CertificateException: ").append(e2.getMessage()).toString());
            return false;
        }
    }

    public static void main(String[] strArr) {
        Security.addProvider(new IAIK());
        new CertificateExtensions().start();
    }
}
