package cn.com.jit.pki.core.entity.certmake.impl;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.asn1.x509.X509Name;
import cn.com.jit.ida.util.pki.cert.X509CertGenerator;
import cn.com.jit.ida.util.pki.cipher.JKeyPair;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.extension.AuthorityKeyIdentifierExt;
import cn.com.jit.ida.util.pki.extension.SubjectKeyIdentifierExt;
import cn.com.jit.pki.core.entity.CertInfo;
import cn.com.jit.pki.core.entity.Ctml;
import cn.com.jit.pki.core.entity.certmake.CertMakerException;
import cn.com.jit.pki.core.entity.certmake.ICertMaker;
import java.math.BigInteger;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/pki-core-1.0.2.3.jar:cn/com/jit/pki/core/entity/certmake/impl/SimpleCertMakerImpl.class */
public class SimpleCertMakerImpl implements ICertMaker {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SimpleCertMakerImpl.class);

    @Override // cn.com.jit.pki.core.entity.certmake.ICertMaker
    public byte[] makeCert(CertInfo certInfo, Ctml ctml, X509Name x509Name, Mechanism mechanism, JKeyPair jKeyPair, Session session, String str, boolean z) throws CertMakerException {
        long currentTimeMillis = System.currentTimeMillis();
        log.debug("BEGIN INPARAM:CertInfo certInfo=" + certInfo + ", Ctml ctml=" + ctml + ", X509Name authSubject=" + x509Name + ", Mechanism authSignAlgo=" + mechanism + ", JKeyPair authKey=" + jKeyPair + ", Session session=" + session + ", String OIDType=" + str + ", boolean isDouble=" + z);
        X509CertGenerator x509CertGenerator = new X509CertGenerator();
        try {
            x509CertGenerator.setIssuer(x509Name);
            x509CertGenerator.setSubject(certInfo.getSubject());
            x509CertGenerator.setSerialNumber(new BigInteger(z ? certInfo.getDoublecertsn() : certInfo.getCertSN(), 16));
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmssSSS");
            x509CertGenerator.setNotBefore(simpleDateFormat.parse(Long.toString(certInfo.getNotBefore())));
            x509CertGenerator.setNotAfter(simpleDateFormat.parse(Long.toString(certInfo.getNotAfter())));
            if (mechanism == null || mechanism.getMechanismType() == null) {
                throw new CertMakerException("cert make failed, signature algorithm is null");
            }
            x509CertGenerator.setSignatureAlg(mechanism.getMechanismType());
            if (z) {
                x509CertGenerator.setPublicKey(certInfo.getDoublePubKey());
            } else {
                x509CertGenerator.setPublicKey(certInfo.getPubKey());
            }
            x509CertGenerator.addExtensiond(new AuthorityKeyIdentifierExt(jKeyPair.getPublicKey()));
            x509CertGenerator.addExtensiond(new SubjectKeyIdentifierExt(certInfo.getPubKey()));
            byte[] generateX509Cert = x509CertGenerator.generateX509Cert(jKeyPair.getPrivateKey(), session);
            log.debug("END TOTALTIME:" + (System.currentTimeMillis() - currentTimeMillis) + " OUTPARAM:byte[]=" + generateX509Cert);
            return generateX509Cert;
        } catch (PKIException e) {
            log.error("", (Throwable) e);
            throw new CertMakerException("cert make failed.", e);
        } catch (ParseException e2) {
            log.error("", (Throwable) e2);
            throw new CertMakerException("cert make failed.", e2);
        }
    }
}
