package io.jans.as.model.crypto.signature;

import io.jans.as.model.crypto.Certificate;
import io.jans.as.model.crypto.KeyFactory;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Random;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.x509.X509V1CertificateGenerator;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:io/jans/as/model/crypto/signature/ECDSAKeyFactory.class */
public class ECDSAKeyFactory extends KeyFactory<ECDSAPrivateKey, ECDSAPublicKey> {
    private SignatureAlgorithm signatureAlgorithm;
    private KeyPair keyPair;
    private ECDSAPrivateKey ecdsaPrivateKey;
    private ECDSAPublicKey ecdsaPublicKey;
    private Certificate certificate;

    public ECDSAKeyFactory(SignatureAlgorithm signatureAlgorithm, String str) throws InvalidParameterException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, SignatureException, InvalidKeyException, CertificateEncodingException {
        if (signatureAlgorithm == null) {
            throw new InvalidParameterException("The signature algorithm cannot be null");
        }
        this.signatureAlgorithm = signatureAlgorithm;
        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(signatureAlgorithm.getCurve().getName());
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", "BC");
        keyPairGenerator.initialize(parameterSpec, new SecureRandom());
        this.keyPair = keyPairGenerator.generateKeyPair();
        BCECPrivateKey bCECPrivateKey = (BCECPrivateKey) this.keyPair.getPrivate();
        BCECPublicKey bCECPublicKey = (BCECPublicKey) this.keyPair.getPublic();
        BigInteger bigInteger = bCECPublicKey.getQ().getXCoord().toBigInteger();
        BigInteger bigInteger2 = bCECPublicKey.getQ().getYCoord().toBigInteger();
        this.ecdsaPrivateKey = new ECDSAPrivateKey(bCECPrivateKey.getD());
        this.ecdsaPublicKey = new ECDSAPublicKey(signatureAlgorithm, bigInteger, bigInteger2);
        if (StringUtils.isNotBlank(str)) {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 1);
            BigInteger bigInteger3 = new BigInteger(1024, new Random());
            X509V1CertificateGenerator x509V1CertificateGenerator = new X509V1CertificateGenerator();
            X500Principal x500Principal = new X500Principal(str);
            x509V1CertificateGenerator.setSerialNumber(bigInteger3);
            x509V1CertificateGenerator.setIssuerDN(x500Principal);
            x509V1CertificateGenerator.setNotBefore(gregorianCalendar.getTime());
            x509V1CertificateGenerator.setNotAfter(gregorianCalendar2.getTime());
            x509V1CertificateGenerator.setSubjectDN(x500Principal);
            x509V1CertificateGenerator.setPublicKey(this.keyPair.getPublic());
            x509V1CertificateGenerator.setSignatureAlgorithm("SHA256WITHECDSA");
            this.certificate = new Certificate(signatureAlgorithm, x509V1CertificateGenerator.generate(bCECPrivateKey, "BC"));
        }
    }

    public Certificate generateV3Certificate(Date date, Date date2, String str) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException {
        BigInteger bigInteger = new BigInteger(1024, new Random());
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        X500Principal x500Principal = new X500Principal(str);
        x509V3CertificateGenerator.setSerialNumber(bigInteger);
        x509V3CertificateGenerator.setIssuerDN(x500Principal);
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSubjectDN(x500Principal);
        x509V3CertificateGenerator.setPublicKey(this.keyPair.getPublic());
        x509V3CertificateGenerator.setSignatureAlgorithm(this.signatureAlgorithm.getAlgorithm());
        return new Certificate(this.signatureAlgorithm, x509V3CertificateGenerator.generate(this.keyPair.getPrivate(), "BC"));
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // io.jans.as.model.crypto.KeyFactory
    public ECDSAPrivateKey getPrivateKey() {
        return this.ecdsaPrivateKey;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // io.jans.as.model.crypto.KeyFactory
    public ECDSAPublicKey getPublicKey() {
        return this.ecdsaPublicKey;
    }

    @Override // io.jans.as.model.crypto.KeyFactory
    public Certificate getCertificate() {
        return this.certificate;
    }
}
