package org.bouncycastle.cert.test;

import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.util.Date;
import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
import org.bouncycastle.asn1.bc.ExternalValue;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v1CertificateBuilder;
import org.bouncycastle.jcajce.ExternalPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
import org.bouncycastle.util.BigIntegers;
import org.bouncycastle.util.test.SimpleTest;

/* loaded from: input_file:org/bouncycastle/cert/test/ExternalKeyTest.class */
public class ExternalKeyTest extends SimpleTest {
    @Override // org.bouncycastle.util.test.SimpleTest, org.bouncycastle.util.test.Test
    public String getName() {
        return "ExternalKey";
    }

    @Override // org.bouncycastle.util.test.SimpleTest
    public void performTest() throws Exception {
        checkPublicKeyInfo();
        checkCertificate();
        checkCertificateDilithium();
    }

    private void checkPublicKeyInfo() throws NoSuchAlgorithmException, IOException {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance("EC").generateKeyPair();
        byte[] digest = MessageDigest.getInstance("SHA256").digest(generateKeyPair.getPublic().getEncoded());
        SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(new ExternalPublicKey(generateKeyPair.getPublic(), new GeneralName(6, "http://localhost"), MessageDigest.getInstance("SHA256")).getEncoded());
        isEquals(BCObjectIdentifiers.external_value, subjectPublicKeyInfo.getAlgorithm().getAlgorithm());
        ExternalValue externalValue = ExternalValue.getInstance(subjectPublicKeyInfo.parsePublicKey());
        isEquals(new GeneralName(6, "http://localhost"), externalValue.getLocation());
        isEquals(new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256), externalValue.getHashAlg());
        isTrue(areEqual(digest, externalValue.getHashValue()));
    }

    private void checkCertificate() throws Exception {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance("EC").generateKeyPair();
        ExternalPublicKey externalPublicKey = new ExternalPublicKey(generateKeyPair.getPublic(), new GeneralName(6, "https://localhost"), MessageDigest.getInstance("SHA256"));
        X500Name x500Name = new X500Name("CN=Test");
        long currentTimeMillis = System.currentTimeMillis();
        new JcaX509CertificateConverter().setProvider("BC").getCertificate(new JcaX509v1CertificateBuilder(x500Name, BigIntegers.ONE, new Date(currentTimeMillis - 5000), new Date(currentTimeMillis + 50000), x500Name, externalPublicKey).build(new JcaContentSignerBuilder("SHA256withECDSA").build(generateKeyPair.getPrivate())));
    }

    private void checkCertificateDilithium() throws Exception {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance("Dilithium5").generateKeyPair();
        ExternalPublicKey externalPublicKey = new ExternalPublicKey(generateKeyPair.getPublic(), new GeneralName(6, "https://localhost"), MessageDigest.getInstance("SHA256"));
        X500Name x500Name = new X500Name("C=XX, O=Royal Institute of Public Key Infrastructure, OU=Post-Heffalump Research Department, CN=External Key Test");
        long currentTimeMillis = System.currentTimeMillis();
        new JcaX509CertificateConverter().setProvider("BC").getCertificate(new JcaX509v1CertificateBuilder(x500Name, BigInteger.valueOf(System.currentTimeMillis()), new Date(currentTimeMillis - 5000), new Date(currentTimeMillis + 157680000000L), x500Name, externalPublicKey).build(new JcaContentSignerBuilder("Dilithium5").build(generateKeyPair.getPrivate())));
    }

    public static void main(String[] strArr) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        runTest(new ExternalKeyTest());
        Security.addProvider(new BouncyCastlePQCProvider());
    }
}
