package com.liferay.saml.util;

import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.util.StreamUtil;
import com.liferay.portal.kernel.util.StringBundler;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v1CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: input_file:com/liferay/saml/util/CertificateUtil.class */
public class CertificateUtil {
    private static final Log _log = LogFactoryUtil.getLog(CertificateUtil.class);

    public static X500Name createX500Name(String str, String str2, String str3, String str4, String str5, String str6) {
        X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        if (Validator.isNotNull(str)) {
            x500NameBuilder.addRDN(BCStyle.CN, str);
        }
        if (Validator.isNotNull(str3)) {
            x500NameBuilder.addRDN(BCStyle.OU, str3);
        }
        if (Validator.isNotNull(str2)) {
            x500NameBuilder.addRDN(BCStyle.O, str2);
        }
        if (Validator.isNotNull(str4)) {
            x500NameBuilder.addRDN(BCStyle.L, str4);
        }
        if (Validator.isNotNull(str5)) {
            x500NameBuilder.addRDN(BCStyle.ST, str5);
        }
        if (Validator.isName(str6)) {
            x500NameBuilder.addRDN(BCStyle.C, str6);
        }
        return x500NameBuilder.build();
    }

    public static X509Certificate generateCertificate(KeyPair keyPair, X500Name x500Name, X500Name x500Name2, Date date, Date date2, String str) throws CertificateException {
        ByteArrayInputStream byteArrayInputStream = null;
        Closeable closeable = null;
        try {
            try {
                JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
                byteArrayInputStream = new ByteArrayInputStream(keyPair.getPublic().getEncoded());
                closeable = new ASN1InputStream(byteArrayInputStream);
                X509Certificate certificate = jcaX509CertificateConverter.getCertificate(new X509v1CertificateBuilder(x500Name, BigInteger.valueOf(System.currentTimeMillis()), date, date2, x500Name2, new SubjectPublicKeyInfo(closeable.readObject())).build(new JcaContentSignerBuilder(str).build(keyPair.getPrivate())));
                StreamUtil.cleanUp(new Closeable[]{closeable});
                StreamUtil.cleanUp(new Closeable[]{byteArrayInputStream});
                return certificate;
            } catch (Exception e) {
                throw new CertificateException(e);
            }
        } catch (Throwable th) {
            StreamUtil.cleanUp(new Closeable[]{closeable});
            StreamUtil.cleanUp(new Closeable[]{byteArrayInputStream});
            throw th;
        }
    }

    public static KeyPair generateKeyPair(String str, int i) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
        keyPairGenerator.initialize(i);
        return keyPairGenerator.genKeyPair();
    }

    public static String getFingerprint(String str, X509Certificate x509Certificate) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(x509Certificate.getEncoded());
            byte[] digest = messageDigest.digest();
            StringBundler stringBundler = new StringBundler((digest.length * 2) - 1);
            for (int i = 0; i < digest.length; i++) {
                stringBundler.append(StringUtil.toUpperCase(Integer.toHexString(digest[i] & 255)));
                if (i + 1 < digest.length) {
                    stringBundler.append(':');
                }
            }
            return stringBundler.toString();
        } catch (NoSuchAlgorithmException e) {
            _log.error(e, e);
            return "";
        } catch (CertificateEncodingException e2) {
            _log.error(e2, e2);
            return "";
        }
    }

    public static String getSerial(X509Certificate x509Certificate) {
        byte[] byteArray = x509Certificate.getSerialNumber().toByteArray();
        StringBundler stringBundler = new StringBundler(byteArray.length);
        for (byte b : byteArray) {
            stringBundler.append(Integer.toHexString(b & 255));
        }
        return stringBundler.toString();
    }

    public static String getSubjectName(X509Certificate x509Certificate) {
        Principal subjectDN;
        if (x509Certificate == null || (subjectDN = x509Certificate.getSubjectDN()) == null) {
            return null;
        }
        return subjectDN.getName();
    }
}
