package cn.scbsi.sdk;

import cn.hutool.core.util.IdUtil;
import cn.scbsi.sdk.csr.CsrResponse;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.bouncycastle.util.encoders.Base64;
import org.chainmaker.sdk.utils.CryptoUtils;

/* loaded from: input_file:cn/scbsi/sdk/CsrUtils.class */
public class CsrUtils {
    private static final String PRIVATE_KEY_BEGIN = "-----BEGIN PRIVATE KEY-----\n";
    private static final String PRIVATE_KEY_END = "\n-----END PRIVATE KEY-----\n";
    private static final String CSR_BEGIN = "-----BEGIN CERTIFICATE REQUEST-----\n";
    private static final String CSR_END = "\n-----END CERTIFICATE REQUEST-----\n";
    private static final String locality = "Beijing";
    private static final String country = "CN";
    private static final String province = "Beijing";
    private static final String organizationalUnit = "client";

    public static CsrResponse generateCsrAndPrivateKey(String str) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "BC");
        keyPairGenerator.initialize(new ECGenParameterSpec("sm2p256v1"));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        String simpleUUID = IdUtil.simpleUUID();
        X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        x500NameBuilder.addRDN(BCStyle.C, country);
        x500NameBuilder.addRDN(BCStyle.L, "Beijing");
        x500NameBuilder.addRDN(BCStyle.ST, "Beijing");
        x500NameBuilder.addRDN(BCStyle.OU, organizationalUnit);
        x500NameBuilder.addRDN(BCStyle.O, str);
        x500NameBuilder.addRDN(BCStyle.CN, simpleUUID);
        PKCS10CertificationRequest build = new JcaPKCS10CertificationRequestBuilder(x500NameBuilder.build(), generateKeyPair.getPublic()).build(new JcaContentSignerBuilder("SM3withSM2").setProvider("BC").build(generateKeyPair.getPrivate()));
        String str2 = PRIVATE_KEY_BEGIN + Base64.toBase64String(generateKeyPair.getPrivate().getEncoded()) + PRIVATE_KEY_END;
        String str3 = CSR_BEGIN + Base64.toBase64String(build.getEncoded()) + CSR_END;
        CsrResponse csrResponse = new CsrResponse();
        csrResponse.setPrivateKey(str2);
        csrResponse.setCsr(str3);
        csrResponse.setCode(simpleUUID);
        csrResponse.setAddress(CryptoUtils.getEVMAddressFromPrivateKeyBytes(str2.getBytes(), "SHA256"));
        return csrResponse;
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
