package com.initech.pkcs.pkcs11.demo;

import com.initech.pkcs.pkcs11.Device;
import com.initech.pkcs.pkcs11.Mechanism;
import com.initech.pkcs.pkcs11.PKCS11Exception;
import com.initech.pkcs.pkcs11.Session;
import com.initech.pkcs.pkcs11.objects.PKCS11KeyPair;
import com.initech.pkcs.pkcs11.objects.PKCS11Object;
import com.initech.pkcs.pkcs11.objects.RSAPrivateKey;
import com.initech.pkcs.pkcs11.objects.RSAPublicKey;
import com.initech.pkcs.pkcs11.objects.X509PublicKeyCertificate;
import com.initech.pki.asn1.ASN1OID;
import com.initech.pki.asn1.useful.AlgorithmID;
import com.initech.pki.asn1.useful.Attribute;
import com.initech.pki.asn1.useful.Extensions;
import com.initech.pki.asn1.useful.Name;
import com.initech.pki.pkcs10.CertificationRequest;
import com.initech.pki.util.Hex;
import com.initech.pki.x509.X509CertImpl;
import com.initech.pki.x509.extensions.AccessDescription;
import com.initech.pki.x509.extensions.AuthorityInfoAccess;
import com.initech.pki.x509.extensions.BasicConstraints;
import com.initech.pki.x509.extensions.CertificatePolicies;
import com.initech.pki.x509.extensions.KeyUsage;
import com.initech.pki.x509.extensions.PolicyInfo;
import com.initech.pki.x509.extensions.PolicyQualifier;
import com.initech.pki.x509.extensions.SubjectKeyIdentifier;
import com.initech.provider.crypto.InitechProvider;
import java.io.BufferedReader;
import java.io.FileOutputStream;
import java.io.InputStreamReader;
import java.math.BigInteger;
import java.net.URL;
import java.security.PublicKey;
import java.util.Calendar;
import java.util.GregorianCalendar;

/* loaded from: classes.dex */
public class pkcs11_cert {
    public static void main(String[] strArr) {
        InitechProvider.addAsProvider();
        new pkcs11_cert().run(strArr);
    }

    public void run(String[] strArr) {
        Session session = null;
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.in));
        try {
            try {
                String str = strArr[0];
                System.err.println("launching " + str);
                Device device = Device.getInstance(str);
                device.initialize(false);
                session = device.getSlotList(true)[0].getToken().openSession(true, true);
                RSAPrivateKey rSAPrivateKey = new RSAPrivateKey();
                rSAPrivateKey.setSensitive(true);
                rSAPrivateKey.setTokenObject(true);
                rSAPrivateKey.setPrivateObject(true);
                rSAPrivateKey.setDecrypt(true);
                rSAPrivateKey.setCanDerive(true);
                rSAPrivateKey.setUnwrap(true);
                rSAPrivateKey.setSign(true);
                RSAPublicKey rSAPublicKey = new RSAPublicKey();
                rSAPublicKey.setTokenObject(true);
                rSAPublicKey.setPrivateObject(true);
                rSAPublicKey.setModulusBits(1024L);
                rSAPublicKey.setPublicExponent(new BigInteger("65537"));
                rSAPublicKey.setEncrypt(true);
                rSAPublicKey.setWrap(true);
                rSAPublicKey.setVerify(true);
                rSAPublicKey.setCanDerive(true);
                PKCS11KeyPair generateKeyPair = session.generateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, rSAPublicKey, rSAPrivateKey);
                System.err.println("*** RSA key generation completed ***");
                PublicKey asPublicKey = ((RSAPublicKey) generateKeyPair.getPublicKey()).getAsPublicKey();
                System.err.print("Label Name : ");
                String readLine = bufferedReader.readLine();
                System.err.print("Subject Name : ");
                Name name = new Name(bufferedReader.readLine());
                X509CertImpl x509CertImpl = new X509CertImpl();
                byte[] bArr = new byte[16];
                session.generateRandom(bArr);
                System.err.println("Serial : " + Hex.dumpHex(bArr));
                x509CertImpl.setSerialNumber(new BigInteger(bArr));
                GregorianCalendar gregorianCalendar = (GregorianCalendar) Calendar.getInstance();
                x509CertImpl.setNotBefore(gregorianCalendar.getTime());
                gregorianCalendar.add(1, 10);
                x509CertImpl.setNotAfter(gregorianCalendar.getTime());
                x509CertImpl.setIssuerDN(name);
                x509CertImpl.setSubjectDN(name);
                x509CertImpl.setPublicKey(asPublicKey);
                SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(asPublicKey);
                x509CertImpl.addExtension(subjectKeyIdentifier);
                KeyUsage keyUsage = new KeyUsage(true, 65024);
                x509CertImpl.addExtension(keyUsage);
                BasicConstraints basicConstraints = new BasicConstraints(true, true, -1);
                x509CertImpl.addExtension(basicConstraints);
                CertificatePolicies certificatePolicies = new CertificatePolicies();
                PolicyQualifier policyQualifier = new PolicyQualifier();
                policyQualifier.setUserNotice("This Certificate is for the sole use of Identrus, its Participants and their customers. Identrus accepts no liability for any claim except as expressly provided in its Operating Rules IL-OPRUL", null, null);
                certificatePolicies.add(new PolicyInfo("1.2.840.113021.1.6.1", policyQualifier));
                x509CertImpl.addExtension(certificatePolicies);
                AuthorityInfoAccess authorityInfoAccess = new AuthorityInfoAccess();
                authorityInfoAccess.add(new AccessDescription(new ASN1OID("1.3.6.1.5.5.7.48.1"), new URL("http://www.mailmaul.com/ocsp")));
                x509CertImpl.addExtension(authorityInfoAccess);
                x509CertImpl.setSigAlg(AlgorithmID.SHA1WithRSA);
                session.signInit(Mechanism.SHA1_RSA_PKCS, generateKeyPair.getPrivateKey());
                session.signUpdate(x509CertImpl.getTBSCertificate());
                byte[] signFinal = session.signFinal();
                System.err.println("Signature : " + Hex.dumpHex(signFinal));
                x509CertImpl.setSignature(signFinal);
                FileOutputStream fileOutputStream = new FileOutputStream("data.cer");
                fileOutputStream.write(x509CertImpl.getEncoded());
                fileOutputStream.close();
                session.verifyInit(Mechanism.SHA1_RSA_PKCS, generateKeyPair.getPublicKey());
                if (session.verify(x509CertImpl.getTBSCertificate(), x509CertImpl.getSignature())) {
                    System.err.println("Verify Success");
                } else {
                    System.err.println("Verify Failed");
                }
                CertificationRequest certificationRequest = new CertificationRequest();
                certificationRequest.setSubject(name);
                certificationRequest.setPublicKey(asPublicKey);
                certificationRequest.setSignatureAlgorithm(AlgorithmID.SHA1WithRSA);
                Attribute attribute = new Attribute("extensionRequest");
                Extensions extensions = new Extensions();
                extensions.add(basicConstraints);
                extensions.add(subjectKeyIdentifier);
                extensions.add(keyUsage);
                attribute.add(extensions);
                certificationRequest.add(attribute);
                session.signInit(Mechanism.SHA1_RSA_PKCS, generateKeyPair.getPrivateKey());
                byte[] sign = session.sign(certificationRequest.getTBSInfo());
                System.err.println("Signature : " + Hex.dumpHex(sign));
                certificationRequest.setSignature(sign);
                FileOutputStream fileOutputStream2 = new FileOutputStream("cacert.req");
                fileOutputStream2.write(certificationRequest.getEncoded());
                fileOutputStream2.close();
                X509PublicKeyCertificate x509PublicKeyCertificate = new X509PublicKeyCertificate(x509CertImpl);
                x509PublicKeyCertificate.setLabel(readLine);
                x509PublicKeyCertificate.setTokenObject(true);
                session.createObject(x509PublicKeyCertificate);
                PKCS11Object pKCS11Object = new PKCS11Object();
                pKCS11Object.put(3L, readLine);
                pKCS11Object.put(258L, subjectKeyIdentifier.getKID());
                pKCS11Object.put(257L, name.getEncoded());
                session.setAttributeValue(generateKeyPair.getPrivateKey(), pKCS11Object);
                session.setAttributeValue(generateKeyPair.getPublicKey(), pKCS11Object);
            } catch (PKCS11Exception e) {
                System.err.println("Error : " + Long.toString(e.getErrorCode(), 16));
                e.printStackTrace();
                try {
                    session.close();
                } catch (Exception e2) {
                    e2.printStackTrace();
                }
            } catch (Exception e3) {
                e3.printStackTrace();
                try {
                    session.close();
                } catch (Exception e4) {
                    e4.printStackTrace();
                }
            }
        } finally {
            try {
                session.close();
            } catch (Exception e5) {
                e5.printStackTrace();
            }
        }
    }
}
