package org.globaltester.lib.bctls;

import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes31.dex */
public class TlsCertificateGenerator {
    private static SecureRandom random = new SecureRandom();

    public static KeyPair generateKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048, random);
        return keyPairGenerator.generateKeyPair();
    }

    public static Certificate generateTlsCertificate(KeyPair keyPair) {
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        calendar.setTime(time);
        calendar.set(1, calendar.get(1) + 10);
        System.out.println(calendar.getTime());
        return generateTlsCertificate(keyPair, time, calendar.getTime());
    }

    public static Certificate generateTlsCertificate(KeyPair keyPair, Date date, Date date2) {
        try {
            X500Name build = new X500NameBuilder(BCStyle.INSTANCE).addRDN(BCStyle.CN, "PersoSim").build();
            byte[] bArr = new byte[16];
            random.nextBytes(bArr);
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(build, new BigInteger(160, random), date, date2, build, keyPair.getPublic());
            jcaX509v3CertificateBuilder.addExtension(Extension.subjectKeyIdentifier, false, bArr);
            jcaX509v3CertificateBuilder.addExtension(Extension.authorityKeyIdentifier, false, bArr);
            jcaX509v3CertificateBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true).getEncoded());
            jcaX509v3CertificateBuilder.addExtension(Extension.keyUsage, false, new KeyUsage(132).getEncoded());
            jcaX509v3CertificateBuilder.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(new KeyPurposeId[]{KeyPurposeId.id_kp_serverAuth, KeyPurposeId.id_kp_clientAuth}).getEncoded());
            X509CertificateHolder build2 = jcaX509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate()));
            JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
            jcaX509CertificateConverter.setProvider(new BouncyCastleProvider());
            return jcaX509CertificateConverter.getCertificate(build2);
        } catch (IOException | CertificateException | OperatorCreationException e) {
            throw new IllegalStateException("Could not create self signed certificate", e);
        }
    }
}
