package cn.com.infosec.isfj.certutil;

import cn.com.infosec.asn1.ASN1Sequence;
import cn.com.infosec.asn1.gm.GMObjectIdentifiers;
import cn.com.infosec.asn1.pkcs.CertificationRequest;
import cn.com.infosec.asn1.x500.X500Name;
import cn.com.infosec.asn1.x509.Extension;
import cn.com.infosec.asn1.x509.SubjectPublicKeyInfo;
import cn.com.infosec.asn1.x9.X9ObjectIdentifiers;
import cn.com.infosec.cert.X509v3CertificateBuilder;
import cn.com.infosec.cert.jcajce.JcaX509CertificateConverter;
import cn.com.infosec.isfj.Config;
import cn.com.infosec.isfj.cryptoutil.SM2AlgoUtil;
import cn.com.infosec.isfj.formatutil.EncodeUtil;
import cn.com.infosec.jce.X509KeyUsage;
import cn.com.infosec.operator.jcajce.JcaContentSignerBuilder;
import cn.com.infosec.util.encoders.Base64;
import java.math.BigInteger;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.Random;

/* loaded from: input_file:cn/com/infosec/isfj/certutil/SM2CertUtil.class */
public class SM2CertUtil {
    public static String signSM2CertFromReq(String str, String str2, String str3, String str4, int i) throws Exception {
        CertificationRequest certificationRequest = CertificationRequest.getInstance(ASN1Sequence.fromByteArray(Base64.decode(str3)));
        SubjectPublicKeyInfo subjectPublicKeyInfo = certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo();
        String id = subjectPublicKeyInfo.getAlgorithm().getAlgorithm().getId();
        if (!id.equals(X9ObjectIdentifiers.id_ecPublicKey.getId()) && id.equals(GMObjectIdentifiers.sm2p256v1.getId())) {
            throw new RuntimeException("public algorithm  " + id + " is not sm2");
        }
        Date date = new Date(System.currentTimeMillis() - 3600000);
        if (i <= 0) {
            i = 60;
        }
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date());
        calendar.add(2, i);
        Date time = calendar.getTime();
        X509KeyUsage x509KeyUsage = new X509KeyUsage(128);
        if (str4.toUpperCase().endsWith(KeyUsageDefines.CERTTYPE_SIGN)) {
            x509KeyUsage = new X509KeyUsage(192);
        } else if (str4.toUpperCase().endsWith(KeyUsageDefines.CERTTYPE_ENC)) {
            x509KeyUsage = new X509KeyUsage(48);
        }
        return EncodeUtil.base64Encode(new JcaX509CertificateConverter().setProvider(Config.getProviderName()).getCertificate(new X509v3CertificateBuilder(X500Name.getInstance(X509CertificateParser.certParser(str).getSubjectDN()), BigInteger.valueOf(Math.abs(new Random().nextLong())), date, time, Locale.CHINA, certificationRequest.getCertificationRequestInfo().getSubject(), subjectPublicKeyInfo).addExtension(Extension.keyUsage, false, x509KeyUsage).build(new JcaContentSignerBuilder("SM3withSM2").setProvider(Config.getProviderName()).build(SM2AlgoUtil.formatPrivateKey(EncodeUtil.base64Decode(str2))))).getEncoded());
    }
}
