package cn.biceng.caservice;

import cn.biceng.gmhelper.BCECUtil;
import cn.biceng.gmhelper.SM2Util;
import cn.biceng.gmhelper.cert.CommonUtil;
import cn.biceng.gmhelper.cert.FileSNAllocator;
import cn.biceng.gmhelper.cert.SM2PfxMaker;
import cn.biceng.gmhelper.cert.SM2PublicKey;
import cn.biceng.gmhelper.cert.SM2X509CertMaker;
import cn.biceng.gmhelper.util.FileUtil;
import cn.biceng.pojo.ZipFile;
import cn.biceng.util.BZip2Utils;
import cn.eseals.certificate.CertificateSubject;
import com.eseals.itextpdf.text.pdf.PdfObject;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;

/* loaded from: input_file:cn/biceng/caservice/GMGenerateor.class */
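/**
 * Issues SM2 (GM/T) certificates for a caller-supplied common name, signed by the
 * platform CA key that is loaded from a PKCS#12 file on local disk.
 *
 * <p>Security review notes (behaviour is deliberately left unchanged so existing
 * callers keep working; each item should be tracked and fixed with a config change):
 * <ul>
 *   <li>The CA keystore password and the password of every issued PFX are the same
 *       hard-coded four-digit literal. Anyone with a copy of this class can open the
 *       CA keystore file or any issued PFX. Load both from a secret store and use a
 *       per-request password for issued bundles.</li>
 *   <li>The CA private key is read from a fixed absolute path on every call; file
 *       permissions on that path are the only thing protecting the signing key.</li>
 *   <li>{@link #MakeX509Certificate(String)} returns the subject's private key inside
 *       the archive; no password is supplied to the encoder, so the {@code .pri}
 *       entry appears to be unprotected key material.</li>
 *   <li>The subject name is not validated and is reused as an archive entry name.</li>
 * </ul>
 */
public class GMGenerateor {
    /** Signature algorithm used for the certificate signing request. */
    private static final String CSR_SIGNATURE_ALGORITHM = "SM3withSM2";

    // SECURITY: hard-coded location of the CA keystore. Should come from configuration.
    private static final String CA_KEYSTORE_PATH = "D:\\国密标准电子印章平台.pfx";

    // SECURITY: hard-coded, trivially guessable CA keystore password. Move to a secret store.
    private static final String CA_KEYSTORE_PASSWORD = "1234";

    // SECURITY: every issued PFX is protected with this same fixed password, so the
    // password provides no confidentiality for the subject's private key.
    private static final String ISSUED_PFX_PASSWORD = "1234";

    // Passed to SM2X509CertMaker unchanged. Presumably the validity period in
    // milliseconds (1576800000000 ms = 18250 days) - confirm against SM2X509CertMaker.
    private static final long CERT_MAKER_EXPIRE = 1576800000000L;

    // Same bit mask as the original literal 144 (128 | 16).
    private static final int SUBJECT_KEY_USAGE = KeyUsage.digitalSignature | KeyUsage.dataEncipherment;

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    /**
     * Generates a fresh SM2 key pair, has the platform CA issue a certificate for it
     * and returns an archive holding {@code <str>.cer} and {@code <str>.pri}.
     *
     * @param str subject common name; also used as the base name of both archive
     *            entries. It is not validated here, so callers should restrict it to
     *            values that are safe as a file name before extraction.
     * @return the bytes produced by {@code BZip2Utils.compress} for the two entries
     * @throws Exception if key generation, CSR creation, CA keystore loading,
     *                   certificate issuance or compression fails
     */
    public static byte[] MakeX509Certificate(String str) throws Exception {
        KeyPair subjectKeys = SM2Util.generateBCECKeyPair();
        byte[] csr = createCsr(str, subjectKeys);

        // savePriKey is declared on the BouncyCastle EC key types, so the JCA
        // interface types returned by KeyPair must be cast explicitly.
        byte[] privateKeyBytes = savePriKey(
                (BCECPrivateKey) subjectKeys.getPrivate(),
                (BCECPublicKey) subjectKeys.getPublic());

        // NOTE(review): the first argument is 'true'. In the upstream gmhelper library
        // this parameter is the isCA flag; if that holds here, every issued subject
        // certificate could itself sign certificates. Confirm against SM2X509CertMaker.
        byte[] certificateBytes = buildCertMaker()
                .makeCertificate(true, new KeyUsage(SUBJECT_KEY_USAGE), csr)
                .getEncoded();

        ArrayList<ZipFile> entries = new ArrayList<ZipFile>();
        entries.add(new ZipFile(certificateBytes, str + ".cer"));
        // SECURITY: private key material leaves the service inside the archive.
        entries.add(new ZipFile(privateKeyBytes, str + ".pri"));
        return BZip2Utils.compress(entries, PdfObject.NOTHING);
    }

    /**
     * Generates a fresh SM2 key pair, has the platform CA issue a certificate for it
     * and returns the key and certificate as a DER-encoded PFX.
     *
     * @param str subject common name
     * @return DER encoding of the PFX; it is protected with the fixed password held in
     *         {@code ISSUED_PFX_PASSWORD}
     * @throws Exception if key generation, CSR creation, CA keystore loading,
     *                   certificate issuance or PFX encoding fails
     */
    public static byte[] MakePfx(String str) throws Exception {
        KeyPair subjectKeys = SM2Util.generateBCECKeyPair();
        byte[] csr = createCsr(str, subjectKeys);

        // NOTE(review): same 'true' first argument as in MakeX509Certificate - confirm
        // it does not mark the issued certificate as a CA.
        X509Certificate certificate =
                buildCertMaker().makeCertificate(true, new KeyUsage(SUBJECT_KEY_USAGE), csr);

        // The public key placed in the PFX is re-read from the CSR rather than taken
        // from the key pair, exactly as before.
        PublicKey csrPublicKey = (PublicKey) SM2Util.convertPublicKey(
                new PKCS10CertificationRequest(csr).getSubjectPublicKeyInfo());

        return new SM2PfxMaker()
                .makePfx(subjectKeys.getPrivate(), csrPublicKey, certificate, ISSUED_PFX_PASSWORD)
                .getEncoded("DER");
    }

    /** Builds the subject name: the given common name plus the fixed country attribute. */
    private static X500Name buildSubject(String commonName) {
        X500NameBuilder subject = new X500NameBuilder(BCStyle.INSTANCE);
        subject.addRDN(BCStyle.CN, commonName);
        subject.addRDN(BCStyle.C, CertificateSubject.ID_SUBJECT);
        return subject.build();
    }

    /** Creates the encoded PKCS#10 request for {@code commonName}, signed with the subject's own key. */
    private static byte[] createCsr(String commonName, KeyPair subjectKeys) throws Exception {
        BCECPublicKey publicKey = (BCECPublicKey) subjectKeys.getPublic();
        SM2PublicKey sm2PublicKey = new SM2PublicKey(publicKey.getAlgorithm(), publicKey);
        return CommonUtil.createCSR(
                buildSubject(commonName), sm2PublicKey, subjectKeys.getPrivate(), CSR_SIGNATURE_ALGORITHM)
                .getEncoded();
    }

    /**
     * Loads the CA key pair from the PKCS#12 file and wraps it in a certificate maker
     * whose issuer name is the fixed platform name.
     *
     * <p>The keystore is read from disk and decrypted on every call, and the first
     * alias returned by the keystore is used without checking which entry it is.
     *
     * @throws Exception if the keystore cannot be read or opened, or the key cannot be recovered
     */
    private static SM2X509CertMaker buildCertMaker() throws Exception {
        X500NameBuilder issuer = new X500NameBuilder(BCStyle.INSTANCE);
        issuer.addRDN(BCStyle.CN, "标准电子印章平台");
        issuer.addRDN(BCStyle.C, CertificateSubject.ID_SUBJECT);
        issuer.addRDN(BCStyle.O, "biceng");
        issuer.addRDN(BCStyle.OU, "biceng");
        X500Name issuerName = issuer.build();

        PKCS12KeyStoreSpi.BCPKCS12KeyStore caStore = new PKCS12KeyStoreSpi.BCPKCS12KeyStore();
        char[] password = CA_KEYSTORE_PASSWORD.toCharArray();
        caStore.engineLoad(new ByteArrayInputStream(FileUtil.readFile(CA_KEYSTORE_PATH)), password);

        String alias = (String) caStore.engineAliases().nextElement();
        KeyPair caKeys = new KeyPair(
                caStore.engineGetCertificate(alias).getPublicKey(),
                (PrivateKey) caStore.engineGetKey(alias, password));
        return new SM2X509CertMaker(caKeys, CERT_MAKER_EXPIRE, issuerName, new FileSNAllocator());
    }

    /**
     * Encodes the subject private key with {@code BCECUtil.convertECPrivateKeyToSEC1}.
     * No password is passed to the encoder, so the result should be handled as
     * unprotected key material.
     */
    private static byte[] savePriKey(BCECPrivateKey bCECPrivateKey, BCECPublicKey bCECPublicKey) throws IOException {
        return BCECUtil.convertECPrivateKeyToSEC1(
                SM2Util.convertPrivateKey(bCECPrivateKey), SM2Util.convertPublicKey(bCECPublicKey));
    }
}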
