package JCSP.Container;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v1CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.util.PrivateKeyFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.KeyStore.JCPPrivateKeyEntry;
import ru.CryptoPro.JCP.params.JCPProtectionParameter;

/* loaded from: classes.dex */
public class JKSStoreImportExportExample {
    public static final String EXPORT_ALIAS = "export_jks_key";
    public static final String JKS_ALIAS = "jks_key_gen";
    public static final String PROVIDER = "JCSPRSA";
    public static final String JKS_PATH = System.getProperty("user.dir") + File.separator + "import_test.jks";
    public static final char[] JKS_PASSWORD = "123456".toCharArray();
    public static final char[] EXPORT_PASSWORD = "654321".toCharArray();

    public static void generateJKS() throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        System.out.println("Generating JKS using BC...");
        try {
            System.out.println("Initiating generator...");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
            keyPairGenerator.initialize(1024);
            System.out.println("Generating pair...");
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            System.out.println("Preparing params...");
            AlgorithmIdentifier find = new DefaultSignatureAlgorithmIdentifierFinder().find(JCP.SIGN_SHA256_RSA_NAME);
            AlgorithmIdentifier find2 = new DefaultDigestAlgorithmIdentifierFinder().find(find);
            System.out.println("Preparing keys...");
            AsymmetricKeyParameter createKey = PrivateKeyFactory.createKey(generateKeyPair.getPrivate().getEncoded());
            SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(generateKeyPair.getPublic().getEncoded());
            System.out.println("Building signer...");
            ContentSigner build = new BcRSAContentSignerBuilder(find, find2).build(createKey);
            System.out.println("Adding common name and dates...");
            X500Name x500Name = new X500Name("CN=jks_key_gen");
            Date date = new Date();
            Date date2 = new Date(date.getTime() + 2592000000L);
            BigInteger bigInteger = new BigInteger(64, new SecureRandom());
            System.out.println("Preparing certificate generator...");
            X509v1CertificateBuilder x509v1CertificateBuilder = new X509v1CertificateBuilder(x500Name, bigInteger, date, date2, x500Name, subjectPublicKeyInfo);
            System.out.println("Building certificate...");
            X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(x509v1CertificateBuilder.build(build));
            System.out.println("Loading key store...");
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            System.out.println("Adding entry...");
            PrivateKey privateKey = generateKeyPair.getPrivate();
            char[] cArr = JKS_PASSWORD;
            keyStore.setKeyEntry(JKS_ALIAS, privateKey, cArr, new Certificate[]{certificate});
            System.out.println("Saving key store...");
            keyStore.store(new FileOutputStream(JKS_PATH), cArr);
            System.out.println("Completed.");
        } finally {
            Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
        }
    }

    public static void importFromJKSAndExportToHD() throws Exception {
        System.out.println("Importing JKS store...");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream fileInputStream = new FileInputStream(JKS_PATH);
        char[] cArr = JKS_PASSWORD;
        keyStore.load(fileInputStream, cArr);
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(JKS_ALIAS, new KeyStore.PasswordProtection(cArr));
        PrivateKey privateKey = privateKeyEntry.getPrivateKey();
        Certificate[] certificateChain = privateKeyEntry.getCertificateChain();
        System.out.println("%% JKS private key: " + privateKey);
        System.out.println("%% JKS certificates");
        for (Certificate certificate : certificateChain) {
            System.out.println("\tCertificate: " + ((X509Certificate) certificate).getSubjectDN());
        }
        System.out.println("Import completed. Saving to the disk...");
        KeyStore keyStore2 = KeyStore.getInstance("HDIMAGE", "JCSPRSA");
        System.out.println("Reading...");
        keyStore2.load(null, null);
        try {
            System.out.println("Deleting export_jks_key");
            keyStore2.deleteEntry(EXPORT_ALIAS);
        } catch (Exception unused) {
        }
        System.out.println("Saving...");
        JCPProtectionParameter jCPProtectionParameter = new JCPProtectionParameter(EXPORT_PASSWORD);
        keyStore2.setEntry(EXPORT_ALIAS, privateKeyEntry, jCPProtectionParameter);
        System.out.println("Saving completed. Trying to check...");
        JCPPrivateKeyEntry jCPPrivateKeyEntry = (JCPPrivateKeyEntry) keyStore2.getEntry(EXPORT_ALIAS, jCPProtectionParameter);
        PrivateKey privateKey2 = jCPPrivateKeyEntry.getPrivateKey();
        Certificate[] certificateChain2 = jCPPrivateKeyEntry.getCertificateChain();
        System.out.println("%% HD private key: " + privateKey2);
        System.out.println("%% HD certificates");
        for (Certificate certificate2 : certificateChain2) {
            System.out.println("\tCertificate: " + ((X509Certificate) certificate2).getSubjectDN());
        }
        PFXStoreImportExportExample.testVerify(certificateChain2[0].getPublicKey(), "JCSPRSA", PFXStoreImportExportExample.testSign(privateKey2, "JCSPRSA"));
        System.out.println("Check completed.");
    }

    public static void main(String[] strArr) throws Exception {
        generateJKS();
        importFromJKSAndExportToHD();
    }
}
