package cn.com.easysec.jce.provider.test;

import cn.com.easysec.asn1.DEREncodable;
import cn.com.easysec.asn1.x509.BasicConstraints;
import cn.com.easysec.asn1.x509.KeyUsage;
import cn.com.easysec.asn1.x509.X509Extensions;
import cn.com.easysec.jce.PrincipalUtil;
import cn.com.easysec.jce.X509Principal;
import cn.com.easysec.jce.provider.EasySecProvider;
import cn.com.easysec.security.Security;
import cn.com.easysec.security.cert.CertPathBuilder;
import cn.com.easysec.security.cert.CertStore;
import cn.com.easysec.security.cert.CertificateFactory;
import cn.com.easysec.security.cert.PKIXBuilderParameters;
import cn.com.easysec.security.cert.PKIXCertPathBuilderResult;
import cn.com.easysec.util.test.SimpleTest;
import cn.com.easysec.x509.X509V1CertificateGenerator;
import cn.com.easysec.x509.X509V3CertificateGenerator;
import cn.com.easysec.x509.extension.AuthorityKeyIdentifierStructure;
import cn.com.easysec.x509.extension.SubjectKeyIdentifierStructure;
import com.taobao.sophix.PatchStatus;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;

/* loaded from: classes.dex */
public class CertPathBuilderTest extends SimpleTest {
    public static void main(String[] strArr) {
        Security.addProvider(new EasySecProvider());
        runTest(new CertPathBuilderTest());
    }

    @Override // cn.com.easysec.util.test.SimpleTest, cn.com.easysec.util.test.Test
    public String getName() {
        return "CertPathBuilder";
    }

    @Override // cn.com.easysec.util.test.SimpleTest
    public void performTest() throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", "ES");
        X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(CertPathTest.a));
        X509Certificate x509Certificate2 = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(CertPathTest.b));
        X509Certificate x509Certificate3 = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(CertPathTest.c));
        X509CRL x509crl = (X509CRL) certificateFactory.generateCRL(new ByteArrayInputStream(CertPathTest.d));
        X509CRL x509crl2 = (X509CRL) certificateFactory.generateCRL(new ByteArrayInputStream(CertPathTest.e));
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509Certificate);
        arrayList.add(x509Certificate2);
        arrayList.add(x509Certificate3);
        arrayList.add(x509crl);
        arrayList.add(x509crl2);
        CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "ES");
        Calendar calendar = Calendar.getInstance();
        calendar.set(2008, 8, 4, 14, 49, 10);
        HashSet hashSet = new HashSet();
        hashSet.add(new TrustAnchor(x509Certificate, null));
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "ES");
        X509CertSelector x509CertSelector = new X509CertSelector();
        x509CertSelector.setSubject(x509Certificate3.getSubjectX500Principal().getEncoded());
        PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(hashSet, x509CertSelector);
        pKIXBuilderParameters.addCertStore(certStore);
        pKIXBuilderParameters.setDate(calendar.getTime());
        if (((PKIXCertPathBuilderResult) certPathBuilder.build(pKIXBuilderParameters)).getCertPath().getCertificates().size() != 2) {
            fail("wrong number of certs in baseTest path");
        }
        KeyPair a = a.a();
        KeyPair a2 = a.a();
        KeyPair a3 = a.a();
        X509V1CertificateGenerator x509V1CertificateGenerator = new X509V1CertificateGenerator();
        x509V1CertificateGenerator.setSerialNumber(BigInteger.valueOf(1L));
        x509V1CertificateGenerator.setIssuerDN(new X509Principal("CN=Test CA Certificate"));
        x509V1CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        x509V1CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        x509V1CertificateGenerator.setSubjectDN(new X509Principal("CN=Test CA Certificate"));
        x509V1CertificateGenerator.setPublicKey(a.getPublic());
        x509V1CertificateGenerator.setSignatureAlgorithm("SHA256WithRSAEncryption");
        X509Certificate generateX509Certificate = x509V1CertificateGenerator.generateX509Certificate(a.getPrivate(), "ES");
        PublicKey publicKey = a2.getPublic();
        PrivateKey privateKey = a.getPrivate();
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(1L));
        x509V3CertificateGenerator.setIssuerDN(PrincipalUtil.getSubjectX509Principal(generateX509Certificate));
        x509V3CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        x509V3CertificateGenerator.setSubjectDN(new X509Principal("CN=Test Intermediate Certificate"));
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA256WithRSAEncryption");
        x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, (DEREncodable) new AuthorityKeyIdentifierStructure(generateX509Certificate));
        x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false, (DEREncodable) new SubjectKeyIdentifierStructure(publicKey));
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints, true, (DEREncodable) new BasicConstraints(0));
        x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage, true, (DEREncodable) new KeyUsage(PatchStatus.CODE_LOAD_LIB_LOST));
        X509Certificate generateX509Certificate2 = x509V3CertificateGenerator.generateX509Certificate(privateKey, "ES");
        PublicKey publicKey2 = a3.getPublic();
        PrivateKey privateKey2 = a2.getPrivate();
        X509V3CertificateGenerator x509V3CertificateGenerator2 = new X509V3CertificateGenerator();
        x509V3CertificateGenerator2.setSerialNumber(BigInteger.valueOf(1L));
        x509V3CertificateGenerator2.setIssuerDN(PrincipalUtil.getSubjectX509Principal(generateX509Certificate2));
        x509V3CertificateGenerator2.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        x509V3CertificateGenerator2.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        x509V3CertificateGenerator2.setSubjectDN(new X509Principal("CN=Test End Certificate"));
        x509V3CertificateGenerator2.setPublicKey(publicKey2);
        x509V3CertificateGenerator2.setSignatureAlgorithm("SHA256WithRSAEncryption");
        x509V3CertificateGenerator2.addExtension(X509Extensions.AuthorityKeyIdentifier, false, (DEREncodable) new AuthorityKeyIdentifierStructure(generateX509Certificate2));
        x509V3CertificateGenerator2.addExtension(X509Extensions.SubjectKeyIdentifier, false, (DEREncodable) new SubjectKeyIdentifierStructure(publicKey2));
        x509V3CertificateGenerator2.addExtension(X509Extensions.BasicConstraints, true, (DEREncodable) new BasicConstraints(false));
        x509V3CertificateGenerator2.addExtension(X509Extensions.KeyUsage, true, (DEREncodable) new KeyUsage(160));
        X509Certificate generateX509Certificate3 = x509V3CertificateGenerator2.generateX509Certificate(privateKey2, "ES");
        BigInteger valueOf = BigInteger.valueOf(2L);
        X509CRL a4 = a.a(generateX509Certificate, a.getPrivate(), valueOf);
        X509CRL a5 = a.a(generateX509Certificate2, a2.getPrivate(), valueOf);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(generateX509Certificate);
        arrayList2.add(generateX509Certificate2);
        arrayList2.add(generateX509Certificate3);
        arrayList2.add(a4);
        arrayList2.add(a5);
        CertStore certStore2 = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList2));
        CertPathBuilder certPathBuilder2 = CertPathBuilder.getInstance("PKIX", "ES");
        X509CertSelector x509CertSelector2 = new X509CertSelector();
        x509CertSelector2.setSubject(generateX509Certificate3.getSubjectX500Principal().getEncoded());
        PKIXBuilderParameters pKIXBuilderParameters2 = new PKIXBuilderParameters((Set<TrustAnchor>) Collections.singleton(new TrustAnchor(generateX509Certificate, null)), x509CertSelector2);
        pKIXBuilderParameters2.addCertStore(certStore2);
        pKIXBuilderParameters2.setDate(new Date());
        if (((PKIXCertPathBuilderResult) certPathBuilder2.build(pKIXBuilderParameters2)).getCertPath().getCertificates().size() != 2) {
            fail("wrong number of certs in v0Test path");
        }
    }
}
