package org.jscep.message;

import java.io.IOException;
import java.security.PrivateKey;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Hashtable;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSSignedGenerator;
import org.jscep.transaction.PkiStatus;
import org.jscep.util.LoggingUtil;
import org.slf4j.Logger;

/* loaded from: input_file:org/jscep/message/PkiMessageEncoder.class */
public class PkiMessageEncoder {
    private static Logger LOGGER = LoggingUtil.getLogger((Class<?>) PkiMessageEncoder.class);
    private final PrivateKey senderKey;
    private final X509Certificate senderCert;
    private final PkcsPkiEnvelopeEncoder encoder;

    public PkiMessageEncoder(PrivateKey privateKey, X509Certificate x509Certificate, PkcsPkiEnvelopeEncoder pkcsPkiEnvelopeEncoder) {
        this.senderKey = privateKey;
        this.senderCert = x509Certificate;
        this.encoder = pkcsPkiEnvelopeEncoder;
    }

    public CMSSignedData encode(PkiMessage<? extends ASN1Encodable> pkiMessage) throws IOException {
        LOGGER.debug("Encoding message: {}", pkiMessage);
        boolean z = true;
        if ((pkiMessage instanceof PkiResponse) && ((PkiResponse) pkiMessage).getPkiStatus() != PkiStatus.SUCCESS) {
            z = false;
        }
        CMSProcessableByteArray cMSProcessableByteArray = z ? new CMSProcessableByteArray(this.encoder.encode(pkiMessage.getMessageData()).getEncoded()) : null;
        Hashtable hashtable = new Hashtable();
        for (Attribute attribute : pkiMessage.getAttributes()) {
            hashtable.put(attribute.getAttrType(), attribute);
        }
        AttributeTable attributeTable = new AttributeTable(hashtable);
        try {
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(Collections.singleton(this.senderCert)));
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            LOGGER.debug("Signing message using key belonging to '{}'", this.senderCert.getSubjectDN());
            cMSSignedDataGenerator.addSigner(this.senderKey, this.senderCert, CMSSignedGenerator.DIGEST_SHA1, attributeTable, (AttributeTable) null);
            try {
                cMSSignedDataGenerator.addCertificatesAndCRLs(certStore);
                try {
                    LOGGER.debug("Signing {} content", cMSProcessableByteArray);
                    CMSSignedData generate = cMSSignedDataGenerator.generate(cMSProcessableByteArray, true, (String) null);
                    LOGGER.debug("Encoded to: {}", generate.getEncoded());
                    return generate;
                } catch (Exception e) {
                    throw new IOException(e);
                }
            } catch (Exception e2) {
                throw new IOException(e2);
            }
        } catch (Exception e3) {
            throw new IOException(e3);
        }
    }
}
