package org.nhindirect.stagent.cert.tools.certgen;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.nhindirect.stagent.CryptoExtensions;
import org.nhindirect.stagent.mail.MimeStandard;

/* loaded from: input_file:org/nhindirect/stagent/cert/tools/certgen/CertLoader.class */
class CertLoader {
    CertLoader() {
    }

    public static CertCreateFields loadCertificate(File file, File file2, char[] cArr) throws Exception {
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec;
        byte[] loadFileData = loadFileData(file);
        byte[] loadFileData2 = loadFileData(file2);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(loadFileData);
        X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
        IOUtils.closeQuietly(byteArrayInputStream);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA", CryptoExtensions.getJCEProviderName());
        if (cArr == null || cArr.length <= 0) {
            pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(loadFileData2);
        } else {
            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(loadFileData2);
            pKCS8EncodedKeySpec = encryptedPrivateKeyInfo.getKeySpec(SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName(), CryptoExtensions.getJCEProviderName()).generateSecret(new PBEKeySpec(cArr)), CryptoExtensions.getJCEProviderName());
        }
        PrivateKey generatePrivate = keyFactory.generatePrivate(pKCS8EncodedKeySpec);
        Map<String, Object> attributes = getAttributes(x509Certificate);
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.setTime(x509Certificate.getNotAfter());
        return new CertCreateFields(attributes, file, file2, cArr, (int) ((calendar2.getTimeInMillis() - calendar.getTimeInMillis()) / 86400000), 1024, x509Certificate, generatePrivate);
    }

    private static Map<String, Object> getAttributes(X509Certificate x509Certificate) {
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        hashMap2.put("1.2.840.113549.1.9.1", "EMAILADDRESS");
        String[] split = x509Certificate.getSubjectX500Principal().getName("RFC1779", hashMap2).split(MimeStandard.MailAddressSeparator);
        if (split != null) {
            for (String str : split) {
                String[] split2 = str.split("=");
                if (split2 != null && split2.length == 2) {
                    hashMap.put(split2[0].trim(), split2[1].trim());
                }
            }
        }
        return hashMap;
    }

    private static byte[] loadFileData(File file) throws Exception {
        return FileUtils.readFileToByteArray(file);
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
