package com.koalii.kgsp.core.cms;

import com.koalii.kgsp.bc.asn1.ASN1ObjectIdentifier;
import com.koalii.kgsp.bc.asn1.DERNull;
import com.koalii.kgsp.bc.asn1.pkcs.PKCSObjectIdentifiers;
import com.koalii.kgsp.bc.asn1.pkcs.RSAPublicKey;
import com.koalii.kgsp.bc.asn1.x509.AlgorithmIdentifier;
import com.koalii.kgsp.bc.asn1.x509.SubjectPublicKeyInfo;
import com.koalii.kgsp.bc.cert.X509CertificateHolder;
import com.koalii.kgsp.bc.crypto.params.AsymmetricKeyParameter;
import com.koalii.kgsp.bc.crypto.params.RSAKeyParameters;
import com.koalii.kgsp.bc.operator.ContentSigner;
import com.koalii.kgsp.bc.operator.DefaultDigestAlgorithmIdentifierFinder;
import com.koalii.kgsp.bc.operator.bc.BcRSAContentSignerBuilder;
import com.koalii.kgsp.bc.util.encoders.Hex;
import com.koalii.kgsp.core.crypto.KcRSA;
import com.koalii.kgsp.core.exception.KcErrors;
import com.koalii.kgsp.core.exception.KcException;
import java.io.FileOutputStream;

/* loaded from: input_file:com/koalii/kgsp/core/cms/RSACertIssue.class */
public class RSACertIssue extends CertIssue {
    private AlgorithmIdentifier signAid = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha256WithRSAEncryption, DERNull.INSTANCE);

    public void setSignAlgOid(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        this.signAid = new AlgorithmIdentifier(aSN1ObjectIdentifier, DERNull.INSTANCE);
    }

    @Override // com.koalii.kgsp.core.cms.CertIssue
    protected SubjectPublicKeyInfo generateSubjectPublicKeyInfo(AsymmetricKeyParameter asymmetricKeyParameter) throws KcException {
        if (!(asymmetricKeyParameter instanceof RSAKeyParameters)) {
            throw new KcException(KcErrors.ERROR_CORE_PUBLIC_KEY_ALG, "issuer rsa cert");
        }
        RSAKeyParameters rSAKeyParameters = (RSAKeyParameters) asymmetricKeyParameter;
        try {
            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(rSAKeyParameters.getModulus(), rSAKeyParameters.getExponent()));
        } catch (Exception e) {
            throw new KcException(KcErrors.ERROR_CORE_PUBLIC_KEY_INFO, "issuer rsa cert: create public key info error");
        }
    }

    @Override // com.koalii.kgsp.core.cms.CertIssue
    protected ContentSigner buildSigner() throws KcException {
        try {
            return new BcRSAContentSignerBuilder(this.signAid, new DefaultDigestAlgorithmIdentifierFinder().find(this.signAid)).build(this.issuerPrivateKey);
        } catch (Exception e) {
            throw new KcException(KcErrors.ERROR_CORE_CERT_BUILD, "issuer rsa cert: signer build error", e);
        }
    }

    public static void main(String[] strArr) throws Exception {
        KcRSA kcRSA = new KcRSA();
        kcRSA.generateKeyPair(1024);
        RSACertIssue rSACertIssue = new RSACertIssue();
        rSACertIssue.setCertDn("CN=Test, C=CN");
        rSACertIssue.setIssuerKeyPair(kcRSA);
        X509CertificateHolder issueSelfSignedCert = rSACertIssue.issueSelfSignedCert();
        System.out.println(Hex.toHexString(issueSelfSignedCert.getEncoded()));
        FileOutputStream fileOutputStream = new FileOutputStream("rootca.cer");
        fileOutputStream.write(issueSelfSignedCert.getEncoded());
        fileOutputStream.close();
        KcRSA kcRSA2 = new KcRSA();
        kcRSA2.generateKeyPair(1024);
        rSACertIssue.resetForIssueCert();
        rSACertIssue.setCertDn("CN=liqy, C=CN");
        rSACertIssue.setCertPublicKey(kcRSA2.getPublicKey());
        X509CertificateHolder issueSignCert = rSACertIssue.issueSignCert();
        System.out.println(Hex.toHexString(issueSignCert.getEncoded()));
        FileOutputStream fileOutputStream2 = new FileOutputStream("user.cer");
        fileOutputStream2.write(issueSignCert.getEncoded());
        fileOutputStream2.close();
    }
}
