package cfca.sadk.util.p12;

import cfca.sadk.algorithm.common.MechanismKit;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.lib.crypto.JCrypto;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.system.SADKDebugger;
import cfca.sadk.system.SecureRandoms;
import cfca.sadk.system.logging.LoggerManager;
import cfca.sadk.util.Base64;
import cfca.sadk.x509.certificate.X509Cert;
import cfca.sadk.x509.certificate.X509CertGenerator;
import java.math.BigInteger;
import java.security.KeyPair;
import java.util.Date;
import java.util.Random;

/* loaded from: input_file:cfca/sadk/util/p12/P12FileUtil.class */
class P12FileUtil {
    static volatile Session session = null;

    private P12FileUtil() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final Session session() throws PKIException {
        if (session == null) {
            synchronized (Session.class) {
                if (session == null) {
                    try {
                        JCrypto.getInstance().initialize(JCrypto.JSOFT_LIB, null);
                        session = JCrypto.getInstance().openSession(JCrypto.JSOFT_LIB);
                    } catch (PKIException e) {
                        throw new PKIException("Open session failure: " + e.getMessage());
                    }
                }
            }
        }
        return session;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Cert signedMyselfCert(Session session2, KeyPair keyPair, String str) throws Exception {
        String str2;
        if (LoggerManager.debugLogger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("SignedMyselfCert::>>>>>>Running");
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session2));
            stringBuffer.append("\n keyType: ");
            stringBuffer.append(SADKDebugger.dump(str));
            LoggerManager.debugLogger.debug(stringBuffer.toString());
        }
        try {
            X509CertGenerator x509CertGenerator = new X509CertGenerator();
            if (MechanismKit.SM2.equals(str)) {
                str2 = MechanismKit.SM3_SM2;
            } else if (MechanismKit.RSA.equals(str)) {
                str2 = MechanismKit.SHA256_RSA;
            } else {
                if (!MechanismKit.ECC.equals(str)) {
                    throw new PKIException("SignedMyselfCert failure: do not support keyType=" + str);
                }
                str2 = MechanismKit.SHA256_ECDSA;
            }
            String format = String.format("CN=%s P10 AGENT %s,OU=CFCA SADK P10 ,O=CFCA TEST,C=CN", str, generateRandom());
            x509CertGenerator.setIssuer(format);
            x509CertGenerator.setSubject(format);
            x509CertGenerator.setSerialNumber(BigInteger.valueOf(2063597568 + new Random().nextInt(10000000)));
            x509CertGenerator.setNotAfter(new Date());
            x509CertGenerator.setNotBefore(new Date());
            x509CertGenerator.setPublicKey(keyPair.getPublic());
            x509CertGenerator.setSignatureAlg(str2);
            X509Cert x509Cert = new X509Cert(x509CertGenerator.generateX509Cert(keyPair.getPrivate(), session2));
            if (LoggerManager.debugLogger.isDebugEnabled()) {
                LoggerManager.debugLogger.debug("SignedMyselfCert<<<<<<Finished: X509Cert=" + SADKDebugger.dump(x509Cert));
            }
            return x509Cert;
        } catch (PKIException e) {
            LoggerManager.exceptionLogger.error("SignedMyselfCert::<<<<<<Failure", e);
            throw e;
        } catch (Throwable th) {
            LoggerManager.exceptionLogger.error("SignedMyselfCert::<<<<<<Failure", th);
            throw new PKIException("SignedMyselfCert Failure", th);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String generateRandom() {
        return Base64.toBase64String(SecureRandoms.getInstance().genBytes(6)).replace("+", "-").replace("/", "_");
    }
}
