package etri.fido.uaf.util;

import com.hsecure.xpass.lib.sdk.authenticator.common.LogUtil;
import etri.fido.uaf.auth.common.AuthException;
import etri.fido.uaf.auth.crypto.CryptoHelper;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Date;
import java.util.GregorianCalendar;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.cert.CertIOException;
import org.spongycastle.cert.X509v3CertificateBuilder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes2.dex */
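/**
 * Static helpers for generating RSA key pairs, issuing X.509 v3 certificates signed with
 * {@code SHA256withRSA} through the SpongyCastle ("SC") provider, and reading/writing the
 * resulting DER blobs.
 *
 * <p>Most methods report failure by logging and returning {@code null} / {@code false} rather
 * than throwing, so callers must check the result before using it.
 */
public class ETRICertificate {
    private static final String TAG = "ETRICertificate";

    /** Number of random bits in a generated certificate serial number. */
    private static final int SERIAL_NUMBER_BITS = 64;

    /** RSA modulus size, in bits, used by {@link #generateRSAKeyPair()}. */
    private static final int RSA_KEY_BITS = 2048;

    static {
        // Registers the SpongyCastle provider; it is addressed below by its name "SC".
        Security.addProvider(new BouncyCastleProvider());
    }

    /**
     * Issues an X.509 v3 certificate valid from now for one year.
     *
     * @param publicKey  subject public key; its {@code getEncoded()} form is embedded as the
     *                   SubjectPublicKeyInfo
     * @param privateKey issuer key used to sign the certificate. The signature algorithm is fixed
     *                   to {@code SHA256withRSA}, so this is expected to be an RSA key
     * @param x500Name   subject distinguished name
     * @param x500Name2  issuer distinguished name
     * @param z          when {@code true}, a critical basicConstraints extension built with
     *                   {@code new BasicConstraints(0)} is added
     * @return the signed certificate, or {@code null} if the extension could not be added or the
     *         certificate could not be signed or converted
     */
    public static X509Certificate createCertificate(PublicKey publicKey, PrivateKey privateKey, X500Name x500Name, X500Name x500Name2, boolean z) {
        // The decompiled parameter names hide the roles; name them locally.
        X500Name subject = x500Name;
        X500Name issuer = x500Name2;

        Date notBefore = new Date(System.currentTimeMillis());
        GregorianCalendar expiry = new GregorianCalendar();
        expiry.setTime(notBefore);
        expiry.add(GregorianCalendar.YEAR, 1);

        X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, newSerialNumber(), notBefore, expiry.getTime(), subject, new SubjectPublicKeyInfo(ASN1Sequence.getInstance(publicKey.getEncoded())));
        if (z) {
            try {
                builder.addExtension(Extension.basicConstraints, true, (ASN1Encodable) new BasicConstraints(0));
            } catch (CertIOException e) {
                LogUtil.e(TAG, e.getMessage());
                // Fail closed: never hand back a certificate that silently lacks the
                // extension the caller asked for.
                return null;
            }
        }
        try {
            return new JcaX509CertificateConverter().setProvider("SC").getCertificate(builder.build(new JcaContentSignerBuilder("SHA256withRSA").setProvider("SC").build(privateKey)));
        } catch (CertificateException e) {
            LogUtil.e(TAG, "CertificateException : " + e.getMessage());
            return null;
        } catch (OperatorCreationException e) {
            LogUtil.e(TAG, "OperatorCreationException : " + e.getMessage());
            return null;
        }
    }

    /**
     * Returns a random, strictly positive certificate serial number.
     *
     * <p>Drawn from the platform default {@link SecureRandom} instead of
     * {@code Math.abs(nextInt())} on a pinned {@code SHA1PRNG}: the latter yields at most 31 bits,
     * can be zero, and is negative when {@code nextInt()} returns {@code Integer.MIN_VALUE}.
     */
    private static BigInteger newSerialNumber() {
        SecureRandom random = new SecureRandom();
        BigInteger serial;
        do {
            serial = new BigInteger(SERIAL_NUMBER_BITS, random);
        } while (serial.signum() == 0);
        return serial;
    }

    /**
     * Generates a 2048-bit RSA key pair.
     *
     * @return the key pair, or {@code null} if no RSA {@link KeyPairGenerator} is available
     */
    public static KeyPair generateRSAKeyPair() {
        try {
            KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
            // Platform default CSPRNG rather than an explicitly requested "SHA1PRNG".
            generator.initialize(RSA_KEY_BITS, new SecureRandom());
            return generator.generateKeyPair();
        } catch (NoSuchAlgorithmException e) {
            LogUtil.e(TAG, "NoSuchAlgorithmException : " + e.getMessage());
            return null;
        }
    }

    /**
     * Decodes a PKCS#8-encoded RSA private key using the "SC" provider.
     *
     * @param bArr PKCS#8 encoding of the private key
     * @return the decoded private key
     * @throws AuthException if the key cannot be decoded for any reason
     */
    public static PrivateKey getPrivateKey(byte[] bArr) throws AuthException {
        try {
            return KeyFactory.getInstance("RSA", "SC").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            // Message (Korean): "An error occurred while creating the private key from the
            // encoded private key byte array".
            // NOTE(review): the underlying cause is discarded here; AuthException's other
            // constructors are not visible from this file, so it is not chained.
            throw new AuthException("인코딩된 개인키 바이트 배열로부터 개인키 생성시 에러가 발생함");
        }
    }

    /**
     * Development harness: creates a self-issued "FIDO_Root" RSA certificate, issues six
     * attestation certificates under it (one per {@code CryptoHelper.generateKeyPair} algorithm
     * id 1..6), writes every certificate and private key to the working directory, and prints
     * whether each attestation certificate validates against the root.
     *
     * <p>Security: every private key, including the root key, is written in its unencrypted
     * {@code getEncoded()} form to a relative path with default file permissions. Run this only
     * in a protected environment and treat the resulting {@code .key} files as secrets.
     *
     * <p>NOTE(review): the root certificate is issued without basicConstraints, while the two
     * SECP256K1 attestation certificates request the CA basicConstraints extension. Confirm
     * this is intended.
     *
     * @param strArr unused
     * @throws Exception if key or certificate generation, file output, or validation fails
     */
    public static void main(String[] strArr) throws Exception {
        KeyPair rootKeys = generateRSAKeyPair();
        if (rootKeys == null) {
            throw new IllegalStateException("root RSA key pair could not be generated");
        }
        X500Name rootDn = new X500Name("C=KR,O=ETRI,CN=FIDO_Root");
        X509Certificate rootCert = createCertificate(rootKeys.getPublic(), rootKeys.getPrivate(), rootDn, rootDn, false);
        if (rootCert == null) {
            throw new IllegalStateException("root certificate could not be created");
        }
        writeOrFail(rootCert.getEncoded(), "fido_root_cert.cer");
        writeOrFail(rootKeys.getPrivate().getEncoded(), "fido_root_pri.key");

        String[] trustAnchors = {Base64Helper.encodeToString(rootCert.getEncoded())};
        ETRICertPathValidator validator = new ETRICertPathValidator();
        PrivateKey rootKey = rootKeys.getPrivate();

        issueAndValidate(rootKey, trustAnchors, validator, (short) 1, "C=KR,O=ETRI,CN=0013#0001", false, "fido_attSECP256R1_raw", "SECP256R1 RAW");
        issueAndValidate(rootKey, trustAnchors, validator, (short) 2, "C=KR,O=ETRI,CN=0013#0002", false, "fido_attSECP256R1_der", "SECP256R1 DER");
        issueAndValidate(rootKey, trustAnchors, validator, (short) 3, "C=KR,O=ETRI,CN=0013#0003", false, "fido_attRSASSA_PSS_raw", "RSASSA_PSS RAW");
        issueAndValidate(rootKey, trustAnchors, validator, (short) 4, "C=KR,O=ETRI,CN=0013#0004", false, "fido_attRSASSA_PSS_der", "RSASSA_PSS DER");
        issueAndValidate(rootKey, trustAnchors, validator, (short) 5, "C=KR,O=ETRI,CN=0013#0005", true, "fido_attSECP256K1_raw", "SECP256K1 RAW");
        issueAndValidate(rootKey, trustAnchors, validator, (short) 6, "C=KR,O=ETRI,CN=0013#0006", true, "fido_attSECP256K1_der", "SECP256K1 DER");
    }

    /**
     * Generates one attestation key pair, issues its certificate under the root, writes both to
     * {@code <fileStem>_cert.cer} / {@code <fileStem>_pri.key}, and prints the validation result.
     */
    private static void issueAndValidate(PrivateKey rootKey, String[] trustAnchors, ETRICertPathValidator validator, short algorithm, String subjectDn, boolean ca, String fileStem, String label) throws Exception {
        KeyPair keys = CryptoHelper.generateKeyPair(algorithm);
        X509Certificate cert = createCertificate(keys.getPublic(), rootKey, new X500Name(subjectDn), new X500Name("C=KR,O=ETRI,CN=FIDO_Root"), ca);
        if (cert == null) {
            throw new IllegalStateException("certificate could not be created for " + label);
        }
        writeOrFail(cert.getEncoded(), fileStem + "_cert.cer");
        writeOrFail(keys.getPrivate().getEncoded(), fileStem + "_pri.key");

        byte[][] chain = {cert.getEncoded()};
        if (validator.validate(trustAnchors, chain)) {
            System.out.println(label + " = OK");
        } else {
            System.out.println(label + " = FALSE");
        }
    }

    /** Writes {@code data} via {@link #writeFile} and turns a {@code false} result into an error. */
    private static void writeOrFail(byte[] data, String path) throws IOException {
        if (!writeFile(data, path)) {
            throw new IOException("could not write " + path);
        }
    }

    /**
     * Reads a whole file into memory.
     *
     * @param str path of the file to read
     * @return the file contents, or {@code null} if the file is missing or an I/O error occurs
     */
    public static byte[] readFile(String str) {
        try {
            FileInputStream in = new FileInputStream(str);
            try {
                ByteArrayOutputStream collected = new ByteArrayOutputStream();
                byte[] chunk = new byte[512];
                int count;
                while ((count = in.read(chunk)) != -1) {
                    collected.write(chunk, 0, count);
                }
                return collected.toByteArray();
            } finally {
                // Close on every path; previously a failed read() leaked the descriptor.
                in.close();
            }
        } catch (FileNotFoundException e) {
            LogUtil.e(TAG, "FileNotFoundException : " + e.getMessage());
            return null;
        } catch (IOException e) {
            LogUtil.e(TAG, "IOException : " + e.getMessage());
            return null;
        }
    }

    /**
     * Writes {@code bArr} to the file at {@code str}, replacing any existing content.
     *
     * @param bArr bytes to write
     * @param str  destination path
     * @return {@code true} only if the file was opened, written and closed without an
     *         {@link IOException}; {@code false} otherwise
     */
    public static boolean writeFile(byte[] bArr, String str) {
        try {
            FileOutputStream out = new FileOutputStream(new File(str));
            try {
                out.write(bArr);
            } finally {
                // A failed close() is now reported as failure instead of being swallowed, so
                // callers persisting key material do not mistake a bad write for success.
                out.close();
            }
            return true;
        } catch (IOException e) {
            LogUtil.e(TAG, "IOException : " + e.getMessage());
            return false;
        }
    }
}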
