package com.sansec.jce.provider.test;

import com.sansec.jce.X509Principal;
import com.sansec.jce.provider.SwxaProvider;
import com.sansec.jce.spec.ECParameterSpec;
import com.sansec.math.ec.ECCurve;
import com.sansec.util.encoders.Hex;
import com.sansec.util.test.SimpleTest;
import com.sansec.x509.X509V3CertificateGenerator;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.Hashtable;
import java.util.Vector;

/* loaded from: input_file:com/sansec/jce/provider/test/KeyStoreTest.class */
public class KeyStoreTest extends SimpleTest {
    static char[] passwd = {'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd'};

    public void ecStoreTest(String str) throws Exception {
        ECCurve.Fp fp = new ECCurve.Fp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16));
        ECParameterSpec eCParameterSpec = new ECParameterSpec(fp, fp.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"));
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", "BC");
        keyPairGenerator.initialize(eCParameterSpec, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        PublicKey publicKey = generateKeyPair.getPublic();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        Hashtable hashtable = new Hashtable();
        Vector vector = new Vector();
        hashtable.put(X509Principal.C, "AU");
        hashtable.put(X509Principal.O, "The Legion of the Bouncy Castle");
        hashtable.put(X509Principal.L, "Melbourne");
        hashtable.put(X509Principal.ST, "Victoria");
        hashtable.put(X509Principal.E, "feedback-crypto@bouncycastle.org");
        vector.addElement(X509Principal.C);
        vector.addElement(X509Principal.O);
        vector.addElement(X509Principal.L);
        vector.addElement(X509Principal.ST);
        vector.addElement(X509Principal.E);
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(1L));
        x509V3CertificateGenerator.setIssuerDN(new X509Principal(vector, hashtable));
        x509V3CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        x509V3CertificateGenerator.setSubjectDN(new X509Principal(vector, hashtable));
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.setSignatureAlgorithm("ECDSAwithSHA1");
        Certificate[] certificateArr = new Certificate[1];
        try {
            X509Certificate generateX509Certificate = x509V3CertificateGenerator.generateX509Certificate(privateKey);
            generateX509Certificate.checkValidity(new Date());
            generateX509Certificate.verify(publicKey);
            certificateArr[0] = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(generateX509Certificate.getEncoded()));
        } catch (Exception e) {
            fail("error generating cert - " + e.toString());
        }
        KeyStore keyStore = KeyStore.getInstance(str, "BC");
        keyStore.load(null, null);
        keyStore.setKeyEntry("private", privateKey, passwd, certificateArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keyStore.store(byteArrayOutputStream, passwd);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
        KeyStore keyStore2 = KeyStore.getInstance(str, "BC");
        keyStore2.load(byteArrayInputStream, passwd);
        PrivateKey privateKey2 = (PrivateKey) keyStore2.getKey("private", passwd);
        PublicKey generatePublic = KeyFactory.getInstance(publicKey.getAlgorithm(), "BC").generatePublic(new X509EncodedKeySpec(publicKey.getEncoded()));
        KeyFactory.getInstance(generatePublic.getAlgorithm(), "BC").generatePublic(new X509EncodedKeySpec(generatePublic.getEncoded()));
        byte[] encoded = privateKey2.getEncoded();
        KeyFactory.getInstance(KeyFactory.getInstance(privateKey2.getAlgorithm(), "BC").generatePrivate(new PKCS8EncodedKeySpec(encoded)).getAlgorithm(), "BC").generatePrivate(new PKCS8EncodedKeySpec(encoded));
    }

    public void keyStoreTest(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(str, "BC");
        keyStore.load(null, null);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        keyPairGenerator.initialize(1024, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) generateKeyPair.getPrivate();
        RSAPublicKey rSAPublicKey = (RSAPublicKey) generateKeyPair.getPublic();
        BigInteger modulus = rSAPrivateKey.getModulus();
        BigInteger privateExponent = rSAPrivateKey.getPrivateExponent();
        Hashtable hashtable = new Hashtable();
        hashtable.put(X509Principal.C, "AU");
        hashtable.put(X509Principal.O, "The Legion of the Bouncy Castle");
        hashtable.put(X509Principal.L, "Melbourne");
        hashtable.put(X509Principal.ST, "Victoria");
        hashtable.put(X509Principal.EmailAddress, "feedback-crypto@bouncycastle.org");
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(1L));
        x509V3CertificateGenerator.setIssuerDN(new X509Principal(hashtable));
        x509V3CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        x509V3CertificateGenerator.setSubjectDN(new X509Principal(hashtable));
        x509V3CertificateGenerator.setPublicKey(rSAPublicKey);
        x509V3CertificateGenerator.setSignatureAlgorithm("MD5WithRSAEncryption");
        Certificate[] certificateArr = new Certificate[1];
        try {
            X509Certificate generateX509Certificate = x509V3CertificateGenerator.generateX509Certificate(rSAPrivateKey);
            generateX509Certificate.checkValidity(new Date());
            generateX509Certificate.verify(rSAPublicKey);
            certificateArr[0] = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(generateX509Certificate.getEncoded()));
        } catch (Exception e) {
            fail("error generating cert - " + e.toString());
        }
        keyStore.setKeyEntry("private", rSAPrivateKey, passwd, certificateArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keyStore.store(byteArrayOutputStream, passwd);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
        KeyStore keyStore2 = KeyStore.getInstance(str, "BC");
        keyStore2.load(byteArrayInputStream, passwd);
        RSAPrivateKey rSAPrivateKey2 = (RSAPrivateKey) keyStore2.getKey("private", passwd);
        if (!rSAPrivateKey2.getModulus().equals(modulus)) {
            fail("private key modulus wrong");
        } else if (!rSAPrivateKey2.getPrivateExponent().equals(privateExponent)) {
            fail("private key exponent wrong");
        }
        keyStore2.getCertificateChain("private")[0].verify(rSAPublicKey);
    }

    @Override // com.sansec.util.test.SimpleTest, com.sansec.util.test.Test
    public String getName() {
        return "KeyStore";
    }

    @Override // com.sansec.util.test.SimpleTest
    public void performTest() throws Exception {
        keyStoreTest("BKS");
        keyStoreTest("UBER");
        ecStoreTest("BKS");
    }

    public static void main(String[] strArr) {
        Security.addProvider(new SwxaProvider());
        runTest(new KeyStoreTest());
    }
}
