package com.initech.pkcs.pkcs11.demo;

import com.initech.pkcs.pkcs11.Device;
import com.initech.pkcs.pkcs11.Mechanism;
import com.initech.pkcs.pkcs11.PKCS11Exception;
import com.initech.pkcs.pkcs11.Session;
import com.initech.pkcs.pkcs11.objects.PKCS11Object;
import com.initech.pkcs.pkcs11.objects.PrivateKey;
import com.initech.pkcs.pkcs7.PKCS7Facade;
import com.initech.pki.asn1.ASN1OID;
import com.initech.pki.asn1.useful.AlgorithmID;
import com.initech.pki.asn1.useful.Attribute;
import com.initech.pki.asn1.useful.Extensions;
import com.initech.pki.asn1.useful.GeneralName;
import com.initech.pki.asn1.useful.Name;
import com.initech.pki.pkcs10.CertificationRequest;
import com.initech.pki.util.Hex;
import com.initech.pki.x509.X509CertImpl;
import com.initech.pki.x509.X509ExtensionBuilder;
import com.initech.pki.x509.extensions.AccessDescription;
import com.initech.pki.x509.extensions.AuthorityInfoAccess;
import com.initech.pki.x509.extensions.AuthorityKeyIdentifier;
import com.initech.pki.x509.extensions.CertificatePolicies;
import com.initech.pki.x509.extensions.ExtKeyUsage;
import com.initech.pki.x509.extensions.KeyUsage;
import com.initech.pki.x509.extensions.SubjectAltName;
import com.initech.pki.x509.extensions.SubjectKeyIdentifier;
import com.initech.provider.crypto.InitechProvider;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.math.BigInteger;
import java.net.URL;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.GregorianCalendar;

/* loaded from: classes.dex */
public class pkcs11_ca {
    public static void main(String[] strArr) {
        InitechProvider.addAsProvider();
        new pkcs11_ca().run(strArr);
    }

    public void run(String[] strArr) {
        Session session = null;
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.in));
        try {
            try {
                String str = strArr[0];
                System.err.println("launching " + str);
                Device device = Device.getInstance(str);
                device.initialize(false);
                session = device.getSlotList(true)[0].getToken().openSession(true, true);
                FileInputStream fileInputStream = new FileInputStream("initech-identrus.cer");
                byte[] bArr = new byte[fileInputStream.available()];
                fileInputStream.read(bArr);
                fileInputStream.close();
                X509CertImpl x509CertImpl = new X509CertImpl(bArr);
                SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(x509CertImpl.getExtensionValue(SubjectKeyIdentifier.OID));
                PrivateKey privateKey = new PrivateKey();
                privateKey.setSign(true);
                privateKey.setKeyID(subjectKeyIdentifier.getKID());
                session.findObjectsInit(privateKey);
                PKCS11Object[] findObjects = session.findObjects(1L);
                System.err.println(String.valueOf(findObjects.length) + " private key found!");
                PrivateKey privateKey2 = (PrivateKey) findObjects[0];
                session.findObjectsFinal();
                SecureRandom secureRandom = SecureRandom.getInstance("X9.17");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(PKCS7Facade.ASYMMETRIC_KEY_ALGORITHM, "Initech");
                keyPairGenerator.initialize(1024, secureRandom);
                KeyPair genKeyPair = keyPairGenerator.genKeyPair();
                CertificationRequest certificationRequest = new CertificationRequest();
                System.err.print("Subject : ");
                String readLine = bufferedReader.readLine();
                SubjectAltName subjectAltName = new SubjectAltName();
                while (true) {
                    System.err.print("Subject Alt Name : ");
                    String readLine2 = bufferedReader.readLine();
                    if (readLine2.length() == 0) {
                        break;
                    } else {
                        subjectAltName.add(readLine2);
                    }
                }
                certificationRequest.setSubject(readLine);
                certificationRequest.setPublicKey(genKeyPair.getPublic());
                certificationRequest.setSignatureAlgorithm(AlgorithmID.SHA1WithRSA);
                Attribute attribute = new Attribute("extensionRequest");
                Extensions extensions = new Extensions();
                SubjectKeyIdentifier subjectKeyIdentifier2 = new SubjectKeyIdentifier(genKeyPair.getPublic());
                extensions.add(subjectKeyIdentifier2);
                KeyUsage keyUsage = new KeyUsage();
                ExtKeyUsage extKeyUsage = new ExtKeyUsage();
                boolean z = false;
                System.err.print("Enter Key Type : ");
                String readLine3 = bufferedReader.readLine();
                if (readLine3.equalsIgnoreCase("EESIGN") || readLine3.equalsIgnoreCase("SERVERSIGN") || readLine3.equalsIgnoreCase("CODESIGN")) {
                    keyUsage.setUsage(32768);
                    keyUsage.setUsage(16384);
                    if (readLine3.equalsIgnoreCase("CODESIGN")) {
                        extKeyUsage.addUsage(ExtKeyUsage.CODE_SIGNING);
                        z = true;
                    }
                } else if (readLine3.equalsIgnoreCase("SERVERSSL")) {
                    keyUsage.setUsage(32768);
                    keyUsage.setUsage(8192);
                    extKeyUsage.addUsage(ExtKeyUsage.SERVER_AUTH);
                    z = true;
                } else if (readLine3.equalsIgnoreCase("EEUTIL")) {
                    keyUsage.setUsage(32768);
                    keyUsage.setUsage(8192);
                    keyUsage.setUsage(4096);
                    keyUsage.setUsage(2048);
                    extKeyUsage.addUsage(ExtKeyUsage.CLIENT_AUTH);
                    extKeyUsage.addUsage(ExtKeyUsage.EMAIL_PROTECTION);
                    z = true;
                }
                extensions.add(keyUsage);
                if (z) {
                    extensions.add(extKeyUsage);
                }
                extensions.add(subjectAltName);
                attribute.add(extensions);
                certificationRequest.add(attribute);
                certificationRequest.sign(genKeyPair.getPrivate(), AlgorithmID.SHA1WithRSA, "Initech");
                System.err.print("Save PrivateKey to : ");
                FileOutputStream fileOutputStream = new FileOutputStream(bufferedReader.readLine());
                fileOutputStream.write(genKeyPair.getPrivate().getEncoded());
                fileOutputStream.close();
                System.err.print("Save PKCS#10 to : ");
                FileOutputStream fileOutputStream2 = new FileOutputStream(bufferedReader.readLine());
                fileOutputStream2.write(certificationRequest.getEncoded());
                fileOutputStream2.close();
                X509CertImpl x509CertImpl2 = new X509CertImpl();
                byte[] bArr2 = new byte[16];
                session.generateRandom(bArr2);
                System.err.println("Serial : " + Hex.dumpHex(bArr2));
                x509CertImpl2.setSerialNumber(new BigInteger(bArr2).abs());
                x509CertImpl2.setIssuerDN((Name) x509CertImpl.getSubjectDN());
                GregorianCalendar gregorianCalendar = (GregorianCalendar) Calendar.getInstance();
                x509CertImpl2.setNotBefore(gregorianCalendar.getTime());
                gregorianCalendar.add(2, 6);
                x509CertImpl2.setNotAfter(gregorianCalendar.getTime());
                x509CertImpl2.setSubjectDN(certificationRequest.getSubject());
                x509CertImpl2.setPublicKey(certificationRequest.getPublicKey());
                X509ExtensionBuilder x509ExtensionBuilder = new X509ExtensionBuilder();
                AuthorityKeyIdentifier authorityKeyIdentifier = new AuthorityKeyIdentifier();
                authorityKeyIdentifier.setFromCertificate(x509CertImpl);
                x509CertImpl2.addExtension(authorityKeyIdentifier);
                x509CertImpl2.addExtension(subjectKeyIdentifier2);
                x509CertImpl2.addExtension(keyUsage);
                if (z) {
                    x509CertImpl2.addExtension(extKeyUsage);
                }
                x509CertImpl2.addExtension(x509ExtensionBuilder.build(CertificatePolicies.OID, x509CertImpl.getExtensionValue(CertificatePolicies.OID)));
                x509CertImpl2.addExtension(subjectAltName);
                AuthorityInfoAccess authorityInfoAccess = new AuthorityInfoAccess();
                authorityInfoAccess.add(new AccessDescription(AuthorityInfoAccess.ocsp, new URL("http://www.mailmaul.com:8080")));
                authorityInfoAccess.add(new AccessDescription(new ASN1OID("1.2.840.114021.4.1"), new GeneralName("URI:https://tc10.identrus.com")));
                x509CertImpl2.addExtension(authorityInfoAccess);
                x509CertImpl2.setSigAlg(AlgorithmID.SHA1WithRSA);
                session.signInit(Mechanism.SHA1_RSA_PKCS, privateKey2);
                session.signUpdate(x509CertImpl2.getTBSCertificate());
                x509CertImpl2.setSignature(session.signFinal());
                System.err.print("Save Certificate to : ");
                FileOutputStream fileOutputStream3 = new FileOutputStream(bufferedReader.readLine());
                fileOutputStream3.write(x509CertImpl2.getEncoded());
                fileOutputStream3.close();
            } finally {
                try {
                    session.close();
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        } catch (PKCS11Exception e2) {
            System.err.println("Error : " + Long.toString(e2.getErrorCode(), 16));
            e2.printStackTrace();
            try {
                session.close();
            } catch (Exception e3) {
                e3.printStackTrace();
            }
        } catch (Exception e4) {
            e4.printStackTrace();
            try {
                session.close();
            } catch (Exception e5) {
                e5.printStackTrace();
            }
        }
    }
}
