package de.gzim.papp.server.util;

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:de/gzim/papp/server/util/KeyUtils.class */
public class KeyUtils {
    @NotNull
    public static KeyStore.PrivateKeyEntry generateNewPrivateKey() {
        try {
            KeyPair generateKeyPair = generateKeyPair();
            return new KeyStore.PrivateKeyEntry(generateKeyPair.getPrivate(), new Certificate[]{generateCertificate(generateKeyPair)});
        } catch (Throwable th) {
            throw PappUtil.convertToPappException(th);
        }
    }

    @NotNull
    private static KeyPair generateKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        return keyPairGenerator.genKeyPair();
    }

    @NotNull
    private static X509Certificate generateCertificate(@NotNull KeyPair keyPair) throws OperatorCreationException, CertificateException {
        X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(new X500Name("CN=ApoVac"), new BigInteger(64, new SecureRandom()), new Date(System.currentTimeMillis() - 86400000), new Date(System.currentTimeMillis() + 3153600000000L), new X500Name("CN=ApoVac"), SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        return new JcaX509CertificateConverter().setProvider(bouncyCastleProvider).getCertificate(x509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA512withRSA").setProvider(bouncyCastleProvider).build(keyPair.getPrivate())));
    }

    @NotNull
    public static String sha512Hash(@NotNull byte[] bArr) {
        try {
            String bigInteger = new BigInteger(1, MessageDigest.getInstance("SHA-512").digest(bArr)).toString(16);
            while (bigInteger.length() < 128) {
                bigInteger = "0" + bigInteger;
            }
            return bigInteger;
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }
}
