package com.orientechnologies.orient.server.security;

import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* loaded from: input_file:com/orientechnologies/orient/server/security/OSelfSignedCertificate.class */
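/**
 * Builder for a self-signed X.509 certificate and the key pair behind it.
 *
 * <p>Configure it through the setters, call {@link #generateCertificateKeyPair()},
 * then {@link #composeSelfSignedCertificate()}, and read the result with
 * {@link #getCertificate()}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The certificate is signed with its own key, so it proves possession of that key and
 *       nothing about identity. The default owner DN labels it as test-only.</li>
 *   <li>The signature algorithm is hard-coded to {@code SHA256withRSA}. A key pair generated
 *       with a non-RSA {@code algorithm} cannot be signed and makes certificate generation
 *       fail.</li>
 *   <li>NOTE(review): the implementation relies on {@code sun.security.x509}, which is
 *       JDK-internal and not a supported API. Confirm it is available on the target
 *       runtime.</li>
 * </ul>
 *
 * <p>Instances are mutable and not synchronized.
 */
public class OSelfSignedCertificate<tmpLocalHost> {
    public static final String DEFAULT_CERTIFICATE_TYPE = "X.509";
    public static final String DEFAULT_CERTIFICATE_ALGORITHM = "RSA";
    public static final int DEFAULT_CERTIFICATE_KEY_SIZE = 2048;
    /** Default validity period, in days (it is added to the calendar as a day count). */
    public static final int DEFAULT_CERTIFICATE_VALIDITY = 365;
    public static final String DEFAULT_CERTIFICATE_OWNER = "CN=SelfSigenedOrientDBtestOnly, OU=SAP HANA Core, O=SAP SE, L=Walldorf, C=DE";
    public static final String DEFAULT_CERTIFICATE_NAME = "ssl";

    /** Signature algorithm used for every certificate produced by this class. */
    private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

    private String algorithm;
    private int key_size;
    private int validity;
    private String certificateName;
    // Held by reference: the caller's array and this field are the same object.
    private char[] certificate_pwd;
    private String ownerFDN;
    private KeyPair keyPair = null;
    private X509Certificate certificate = null;
    private BigInteger certificateSN = computeRandomSerialNumber();

    /** @return the key-pair algorithm name, or {@code null} if it was never set */
    public String getAlgorithm() {
        return this.algorithm;
    }

    /**
     * Sets the key-pair algorithm.
     *
     * @param str algorithm name; {@code null} or empty selects {@link #DEFAULT_CERTIFICATE_ALGORITHM}
     */
    public void setAlgorithm(String str) {
        this.algorithm = (str == null || str.isEmpty()) ? DEFAULT_CERTIFICATE_ALGORITHM : str;
    }

    /** @return the configured key size in bits */
    public int getKey_size() {
        return this.key_size;
    }

    /**
     * Sets the key size in bits.
     *
     * <p>NOTE(review): the floor of 128 is far below what is acceptable for RSA, so this setter
     * does not stop a caller from configuring a weak key. Callers should enforce their own
     * minimum (at least {@link #DEFAULT_CERTIFICATE_KEY_SIZE} for RSA).
     *
     * @param i requested size; values below 128 are replaced by {@link #DEFAULT_CERTIFICATE_KEY_SIZE}
     */
    public void setKey_size(int i) {
        this.key_size = (i >= 128) ? i : DEFAULT_CERTIFICATE_KEY_SIZE;
    }

    /** @return the validity period in days */
    public int getValidity() {
        return this.validity;
    }

    /**
     * Sets the validity period in days. The value is not range-checked here, so a zero or
     * negative value yields a certificate whose end date is not after its start date.
     *
     * @param i number of days, counted from the moment the certificate is composed
     */
    public void setValidity(int i) {
        this.validity = i;
    }

    /** @return the certificate name (not used by this class itself) */
    public String getCertificateName() {
        return this.certificateName;
    }

    /** @param str the certificate name to store */
    public void setCertificateName(String str) {
        this.certificateName = str;
    }

    /**
     * Returns the stored password array itself, not a copy, so changes made by the caller are
     * visible here and vice versa.
     *
     * @return the internal password array, possibly {@code null}
     */
    public char[] getCertificatePwd() {
        return this.certificate_pwd;
    }

    /**
     * Stores the given array by reference. Wiping the array after this call also wipes the
     * value held by this object.
     *
     * @param cArr the password characters
     */
    public void setCertificatePwd(char[] cArr) {
        this.certificate_pwd = cArr;
    }

    /** @return the serial number that will be written into the certificate */
    public BigInteger getCertificateSN() {
        return this.certificateSN;
    }

    /**
     * Sets the certificate serial number.
     *
     * @param j the serial number; must be greater than 11
     * @throws SwitchToDefaultParamsException if {@code j} is 11 or less; a random serial number
     *     has already been stored in its place when this is thrown
     */
    public void setCertificateSN(long j) throws SwitchToDefaultParamsException {
        if (j > 11) {
            this.certificateSN = BigInteger.valueOf(j);
            return;
        }
        BigInteger fallback = computeRandomSerialNumber();
        this.certificateSN = fallback;
        throw new SwitchToDefaultParamsException("the value " + j + " culd not be used as a Certificate Serial Nuber, the value will be set to:" + fallback);
    }

    /**
     * Generates a random, strictly positive serial number.
     *
     * <p>RFC 5280 requires certificate serial numbers to be positive integers. Drawing a raw
     * {@code long} gives a negative value about half of the time, so 63 random bits are used
     * instead. The result still fits in a positive {@code long}.
     *
     * @return a random serial number greater than zero
     */
    public static BigInteger computeRandomSerialNumber() {
        SecureRandom random = new SecureRandom();
        BigInteger serial;
        do {
            serial = new BigInteger(63, random);
        } while (serial.signum() == 0);
        return serial;
    }

    /** @return the owner distinguished name used for both subject and issuer */
    public String getOwnerFDN() {
        return this.ownerFDN;
    }

    /** @param str the full owner distinguished name, e.g. {@link #DEFAULT_CERTIFICATE_OWNER} */
    public void setOwnerFDN(String str) {
        this.ownerFDN = str;
    }

    /**
     * Builds the owner distinguished name from its parts by plain concatenation. The parts are
     * not escaped, so a part that contains DN metacharacters such as {@code ,} or {@code =}
     * changes the structure of the resulting name. Callers passing external input should
     * validate it first.
     *
     * @param str common name (CN)
     * @param str2 organizational unit (OU)
     * @param str3 organization (O)
     * @param str4 locality (L)
     * @param str5 country (C)
     */
    public void setOwner_FDN(String str, String str2, String str3, String str4, String str5) {
        this.ownerFDN = "CN=" + str + ", OU=" + str2 + ", O=" + str3 + ", L=" + str4 + ", C=" + str5;
    }

    /**
     * Generates a key pair using a fresh {@link SecureRandom}.
     *
     * @param str key algorithm name
     * @param i key size in bits
     * @return the generated key pair
     * @throws NoSuchAlgorithmException if no provider supports {@code str}
     */
    public static KeyPair computeKeyPair(String str, int i) throws NoSuchAlgorithmException {
        KeyPairGenerator generator = KeyPairGenerator.getInstance(str);
        generator.initialize(i, new SecureRandom());
        return generator.generateKeyPair();
    }

    /**
     * Generates the key pair from the configured algorithm and key size.
     *
     * @throws SwitchToDefaultParamsException if the configured algorithm is unavailable; a key
     *     pair with the default algorithm and size has been stored instead, and the original
     *     failure is attached as a suppressed exception
     * @throws NoSuchAlgorithmException if the default algorithm is unavailable as well
     */
    public void generateCertificateKeyPair() throws NoSuchAlgorithmException, SwitchToDefaultParamsException {
        try {
            this.keyPair = computeKeyPair(this.algorithm, this.key_size);
        } catch (NoSuchAlgorithmException e) {
            this.keyPair = computeKeyPair(DEFAULT_CERTIFICATE_ALGORITHM, DEFAULT_CERTIFICATE_KEY_SIZE);
            SwitchToDefaultParamsException switched = new SwitchToDefaultParamsException();
            switched.addSuppressed(e);
            throw switched;
        }
    }

    /**
     * @return the public half of the generated key pair
     * @throws NullPointerException if no key pair has been generated yet
     */
    public PublicKey getPublicKey() {
        if (this.keyPair == null) {
            throw new NullPointerException("generate the Key Pair");
        }
        return this.keyPair.getPublic();
    }

    /**
     * Builds the self-signed certificate from the current key pair, validity, owner and serial
     * number.
     *
     * <p>Any previously composed certificate is discarded before the attempt, so a failed call
     * never leaves a stale certificate behind. On failure the stack trace is printed and
     * {@link #getCertificate()} throws until a later call succeeds.
     *
     * @throws NullPointerException if no key pair has been generated yet
     */
    public void composeSelfSignedCertificate() {
        if (this.keyPair == null) {
            throw new NullPointerException("generate the Key Pair");
        }
        this.certificate = null;
        try {
            this.certificate = generateSelfSignedCertificate(this.keyPair, this.validity, this.ownerFDN, this.certificateSN);
        } catch (IOException | CertificateException e) {
            // No logger is in scope for this class; keep the original reporting channel.
            e.printStackTrace();
        }
    }

    /**
     * Creates and signs a self-signed certificate whose subject and issuer are the same name.
     *
     * <p>Signing and the self-verification that follows are mandatory. A failure in either step
     * is reported as a {@link CertificateException}, so an unsigned or unverifiable certificate
     * is never returned.
     *
     * @param keyPair key pair to certify and sign with; it must be usable with SHA256withRSA
     * @param i validity in days, counted from now
     * @param str owner distinguished name
     * @param bigInteger certificate serial number
     * @return the signed certificate
     * @throws CertificateException if the certificate cannot be built, signed or verified
     * @throws IOException if the owner name or a certificate field cannot be encoded
     */
    public static X509Certificate generateSelfSignedCertificate(KeyPair keyPair, int i, String str, BigInteger bigInteger) throws CertificateException, IOException {
        X509CertInfo info = new X509CertInfo();
        X500Name owner = new X500Name(str);

        // Prefer X.509 v3 and fall back to older versions only if the field is rejected.
        try {
            info.set("version", new CertificateVersion(CertificateVersion.V3));
        } catch (IOException e) {
            try {
                info.set("version", new CertificateVersion(CertificateVersion.V2));
            } catch (IOException e2) {
                info.set("version", new CertificateVersion(CertificateVersion.V1));
            }
        }
        info.set("serialNumber", new CertificateSerialNumber(bigInteger));

        // Different JDK releases expect either the wrapper type or the bare X500Name here.
        try {
            info.set("subject", new CertificateSubjectName(owner));
        } catch (CertificateException e3) {
            info.set("subject", owner);
        }
        try {
            info.set("issuer", new CertificateIssuerName(owner));
        } catch (CertificateException e4) {
            info.set("issuer", owner);
        }

        Calendar calendar = Calendar.getInstance();
        Date notBefore = calendar.getTime();
        calendar.add(Calendar.DAY_OF_YEAR, i);
        Date notAfter = calendar.getTime();
        info.set("validity", new CertificateValidity(notBefore, notAfter));
        info.set("key", new CertificateX509Key(keyPair.getPublic()));
        info.set("algorithmID", new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha256WithRSAEncryption_oid)));

        try {
            // The first signature only resolves the algorithm identifier that the signer used.
            X509CertImpl probe = new X509CertImpl(info);
            probe.sign(keyPair.getPrivate(), SIGNATURE_ALGORITHM);
            info.set("algorithmID.algorithm", probe.get("x509.algorithm"));

            // The second signature covers the final certificate contents.
            X509CertImpl signed = new X509CertImpl(info);
            signed.sign(keyPair.getPrivate(), SIGNATURE_ALGORITHM);
            signed.verify(keyPair.getPublic());
            return signed;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException e) {
            throw new CertificateException("Unable to sign or verify the self-signed certificate with " + SIGNATURE_ALGORITHM, e);
        }
    }

    /**
     * @return the composed certificate
     * @throws CertificateException if no certificate has been composed successfully
     */
    public X509Certificate getCertificate() throws CertificateException {
        if (this.certificate == null) {
            throw new CertificateException("The Self-Signed Certificate han not been genetated! You have to invoke the composeSelfSignedCertificate() before get it.");
        }
        return this.certificate;
    }

    /**
     * Checks that the certificate is within its validity period at {@code date} and that its
     * signature verifies under {@code publicKey}.
     *
     * <p>This is not trust validation. No chain, revocation, name or key-usage checks are made,
     * and for a self-signed certificate the result only shows that it matches the supplied key.
     *
     * @param x509Certificate certificate to check
     * @param publicKey key expected to have signed the certificate
     * @param date instant at which validity is evaluated
     * @return {@code true} when both checks pass; failures are reported by exception
     * @throws CertificateException if the certificate is expired, not yet valid or malformed
     * @throws SignatureException if the signature does not verify
     * @throws InvalidKeyException if the key is unsuitable
     * @throws NoSuchAlgorithmException if the signature algorithm is unsupported
     * @throws NoSuchProviderException if there is no default provider
     */
    public static boolean checkCertificate(X509Certificate x509Certificate, PublicKey publicKey, Date date) throws NoSuchProviderException, CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        x509Certificate.checkValidity(date);
        x509Certificate.verify(publicKey);
        return true;
    }

    /**
     * Same as {@link #checkCertificate(X509Certificate, PublicKey, Date)}, evaluated at the
     * current time.
     */
    public static boolean checkCertificate(X509Certificate x509Certificate, PublicKey publicKey) throws NoSuchProviderException, CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        return checkCertificate(x509Certificate, publicKey, new Date(System.currentTimeMillis()));
    }

    /**
     * Checks this object's certificate against its own public key at the current time.
     * A certificate and a key pair must both be present.
     */
    public boolean checkThisCertificate() throws NoSuchAlgorithmException, CertificateException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return checkCertificate(this.certificate, this.keyPair.getPublic(), new Date(System.currentTimeMillis()));
    }

    /**
     * Returns the private key. Callers hold live key material and must not log or persist it
     * unprotected.
     *
     * @return the private half of the generated key pair
     * @throws NullPointerException if no key pair has been generated yet
     */
    public PrivateKey getPrivateKey() {
        if (this.keyPair == null) {
            throw new NullPointerException("generate the Key Pair");
        }
        return this.keyPair.getPrivate();
    }
}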
