package org.owasp.webscarab.util;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Vector;
import javax.security.auth.x500.X500Principal;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
import org.bouncycastle.asn1.misc.NetscapeCertType;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.bouncycastle.x509.extension.AuthorityKeyIdentifierStructure;
import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure;

/* loaded from: input_file:main/WebScarab-1.0.0-SNAPSHOT.jar:org/owasp/webscarab/util/SunCertificateUtils.class */
public class SunCertificateUtils {
    private static final String SIGALG = "SHA1withRSA";

    public static X509Certificate sign(X500Principal x500Principal, PublicKey publicKey, X500Principal x500Principal2, PublicKey publicKey2, PrivateKey privateKey, Date date, Date date2, BigInteger bigInteger) throws GeneralSecurityException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.reset();
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.setSignatureAlgorithm(SIGALG);
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setIssuerDN(x500Principal2);
        x509V3CertificateGenerator.setSubjectDN(x500Principal);
        x509V3CertificateGenerator.setSerialNumber(bigInteger);
        if (x500Principal.equals(x500Principal2)) {
            x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints, true, (DEREncodable) new BasicConstraints(5));
        } else {
            x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false, (DEREncodable) new SubjectKeyIdentifierStructure(publicKey));
            x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, (DEREncodable) new AuthorityKeyIdentifierStructure(publicKey2));
            x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints, true, (DEREncodable) new BasicConstraints(false));
            x509V3CertificateGenerator.addExtension(MiscObjectIdentifiers.netscapeCertType, false, (DEREncodable) new NetscapeCertType(192));
            x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage, true, (DEREncodable) new KeyUsage(160));
            Vector vector = new Vector();
            vector.add(KeyPurposeId.id_kp_clientAuth);
            vector.add(KeyPurposeId.id_kp_serverAuth);
            x509V3CertificateGenerator.addExtension(X509Extensions.ExtendedKeyUsage, false, (DEREncodable) new ExtendedKeyUsage(vector));
        }
        return (X509Certificate) CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertificate(new ByteArrayInputStream(x509V3CertificateGenerator.generate(privateKey).getEncoded()));
    }
}
