package org.gluu.oxauth.model.crypto.signature;

import java.math.BigInteger;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.GregorianCalendar;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.cert.CertIOException;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.gluu.oxauth.model.crypto.Certificate;
import org.gluu.oxauth.model.crypto.KeyFactory;
import org.gluu.oxauth.model.jwk.JSONWebKey;
import org.gluu.util.security.SecurityProviderUtility;

@Deprecated
/* loaded from: input_file:org/gluu/oxauth/model/crypto/signature/RSAKeyFactory.class */
public class RSAKeyFactory extends KeyFactory<RSAPrivateKey, RSAPublicKey> {
    public static final int DEF_KEYLENGTH = 2048;
    private SignatureAlgorithm signatureAlgorithm;
    private KeyPair keyPair;
    private RSAPrivateKey rsaPrivateKey;
    private RSAPublicKey rsaPublicKey;
    private Certificate certificate;

    @Deprecated
    public RSAKeyFactory(SignatureAlgorithm signatureAlgorithm, String str) throws NoSuchAlgorithmException, OperatorCreationException, CertificateException, CertIOException {
        if (signatureAlgorithm == null) {
            throw new InvalidParameterException("The signature algorithm cannot be null");
        }
        this.signatureAlgorithm = signatureAlgorithm;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", SecurityProviderUtility.getBCProvider());
        keyPairGenerator.initialize(DEF_KEYLENGTH, new SecureRandom());
        this.keyPair = keyPairGenerator.generateKeyPair();
        java.security.interfaces.RSAPrivateKey rSAPrivateKey = (java.security.interfaces.RSAPrivateKey) this.keyPair.getPrivate();
        java.security.interfaces.RSAPublicKey rSAPublicKey = (java.security.interfaces.RSAPublicKey) this.keyPair.getPublic();
        this.rsaPrivateKey = new RSAPrivateKey(rSAPrivateKey.getModulus(), rSAPrivateKey.getPrivateExponent());
        this.rsaPublicKey = new RSAPublicKey(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
        if (StringUtils.isNotBlank(str)) {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 1);
            this.certificate = generateV3Certificate(gregorianCalendar.getTime(), gregorianCalendar2.getTime(), str);
        }
    }

    public Certificate generateV3Certificate(Date date, Date date2, String str) throws OperatorCreationException, CertificateException, CertIOException {
        BigInteger bigInteger = new BigInteger(1024, new SecureRandom());
        X500Name x500Name = new X500Name(str);
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500Name, bigInteger, date, date2, x500Name, this.keyPair.getPublic());
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(KeyPurposeId.id_kp_serverAuth);
        aSN1EncodableVector.add(KeyPurposeId.id_kp_clientAuth);
        aSN1EncodableVector.add(KeyPurposeId.anyExtendedKeyUsage);
        jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.37").intern(), false, new DERSequence(aSN1EncodableVector));
        return new Certificate(this.signatureAlgorithm, new JcaX509CertificateConverter().setProvider(SecurityProviderUtility.getBCProviderName()).getCertificate(jcaX509v3CertificateBuilder.build(new JcaContentSignerBuilder(this.signatureAlgorithm.getAlgorithm()).setProvider(SecurityProviderUtility.getBCProviderName()).build(this.keyPair.getPrivate()))));
    }

    @Deprecated
    public RSAKeyFactory(JSONWebKey jSONWebKey) {
        if (jSONWebKey == null) {
            throw new IllegalArgumentException("Key value must not be null.");
        }
        this.rsaPrivateKey = new RSAPrivateKey(jSONWebKey.getN(), jSONWebKey.getE());
        this.rsaPublicKey = new RSAPublicKey(jSONWebKey.getN(), jSONWebKey.getE());
        this.certificate = null;
    }

    public static RSAKeyFactory valueOf(JSONWebKey jSONWebKey) {
        return new RSAKeyFactory(jSONWebKey);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.gluu.oxauth.model.crypto.KeyFactory
    public RSAPrivateKey getPrivateKey() {
        return this.rsaPrivateKey;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.gluu.oxauth.model.crypto.KeyFactory
    public RSAPublicKey getPublicKey() {
        return this.rsaPublicKey;
    }

    @Override // org.gluu.oxauth.model.crypto.KeyFactory
    public Certificate getCertificate() {
        return this.certificate;
    }
}
