package com.google.code.jscep.pkcs7;

import com.google.code.jscep.asn1.SCEPObjectIdentifiers;
import com.google.code.jscep.transaction.FailInfo;
import com.google.code.jscep.transaction.MessageType;
import com.google.code.jscep.transaction.Nonce;
import com.google.code.jscep.transaction.PkiStatus;
import com.google.code.jscep.transaction.TransactionId;
import com.google.code.jscep.util.AlgorithmDictionary;
import com.google.code.jscep.util.LoggingUtil;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.Signature;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Hashtable;
import java.util.logging.Logger;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.BERConstructedOctetString;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.CMSAttributes;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.asn1.cms.SignerIdentifier;
import org.bouncycastle.asn1.cms.SignerInfo;
import org.bouncycastle.asn1.cms.Time;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.asn1.x509.X509Name;

/* loaded from: input_file:com/google/code/jscep/pkcs7/PkiMessageGenerator.class */
public class PkiMessageGenerator {
    private static Logger LOGGER;
    private MessageType msgType;
    private TransactionId transId;
    private Nonce senderNonce;
    private Nonce recipientNonce;
    private FailInfo failInfo;
    private KeyPair keyPair;
    private X509Certificate identity;
    private String digestAlgorithm;
    private PkiStatus pkiStatus;
    private ContentInfo content;
    private byte[] hash;
    private X509Certificate recipient;
    private String cipherAlgorithm;
    private MessageData msgData;
    static final /* synthetic */ boolean $assertionsDisabled;

    public void setKeyPair(KeyPair keyPair) {
        this.keyPair = keyPair;
    }

    public void setSigner(X509Certificate x509Certificate) {
        this.identity = x509Certificate;
    }

    public void setFailInfo(FailInfo failInfo) {
        this.failInfo = failInfo;
    }

    public void setRecipientNonce(Nonce nonce) {
        this.recipientNonce = nonce;
    }

    public void setMessageDigest(String str) {
        this.digestAlgorithm = str;
    }

    public void setSenderNonce(Nonce nonce) {
        this.senderNonce = nonce;
    }

    public void setPkiStatus(PkiStatus pkiStatus) {
        this.pkiStatus = pkiStatus;
    }

    public void setMessageData(MessageData messageData) {
        this.msgData = messageData;
    }

    public void setMessageType(MessageType messageType) {
        this.msgType = messageType;
    }

    public void setTransactionId(TransactionId transactionId) {
        this.transId = transactionId;
    }

    public void setRecipient(X509Certificate x509Certificate) {
        this.recipient = x509Certificate;
    }

    public void setCipherAlgorithm(String str) {
        this.cipherAlgorithm = str;
    }

    public PkiMessage generate() throws IOException, IllegalStateException {
        PkcsPkiEnvelope generate;
        LOGGER.entering(getClass().getName(), "generate");
        if (this.transId == null) {
            throw new IllegalStateException("Missing transactionID");
        }
        if (this.msgType == null) {
            throw new IllegalStateException("Missing messageType");
        }
        if (this.senderNonce == null) {
            throw new IllegalStateException("Missing senderNonce");
        }
        if (this.msgType == MessageType.CertRep) {
            if (this.pkiStatus == null) {
                throw new IllegalStateException("Missing pkiStatus");
            }
            if (this.pkiStatus == PkiStatus.FAILURE && this.failInfo == null) {
                throw new IllegalStateException("Missing failInfo");
            }
            if (this.recipientNonce == null) {
                throw new IllegalStateException("Missing recipientNonce");
            }
        }
        if (this.digestAlgorithm == null) {
            throw new IllegalStateException("Missing Message Digest Algorithm");
        }
        if (this.cipherAlgorithm == null) {
            throw new IllegalStateException("Missing Cipher Algorithm");
        }
        if (this.keyPair == null) {
            throw new IllegalStateException("Missing Key Pair");
        }
        if (this.recipient == null) {
            throw new IllegalStateException("Missing Recipient");
        }
        if (this.msgData == null) {
            generate = null;
        } else {
            PkcsPkiEnvelopeGenerator pkcsPkiEnvelopeGenerator = new PkcsPkiEnvelopeGenerator();
            pkcsPkiEnvelopeGenerator.setCipherAlgorithm(this.cipherAlgorithm);
            pkcsPkiEnvelopeGenerator.setRecipient(this.recipient);
            pkcsPkiEnvelopeGenerator.setMessageData(this.msgData);
            pkcsPkiEnvelopeGenerator.setKeyAlgorithm(this.cipherAlgorithm);
            generate = pkcsPkiEnvelopeGenerator.generate();
            this.content = new ContentInfo(ASN1Object.fromByteArray(generate.getEncoded()));
        }
        try {
            SignedData signedData = new SignedData(getDigestAlgorithms(), getContentInfo(), getCertificates(), getCRLs(), getSignerInfos());
            if (!$assertionsDisabled && !signedData.getVersion().getValue().equals(BigInteger.ONE)) {
                throw new AssertionError();
            }
            if (!$assertionsDisabled && !signedData.getEncapContentInfo().getContentType().equals(CMSObjectIdentifiers.data)) {
                throw new AssertionError();
            }
            PkiMessage pkiMessage = new PkiMessage(new ContentInfo(CMSObjectIdentifiers.signedData, signedData));
            pkiMessage.setPkcsPkiEnvelope(generate);
            LOGGER.exiting(getClass().getName(), "generate", pkiMessage);
            return pkiMessage;
        } catch (GeneralSecurityException e) {
            RuntimeException runtimeException = new RuntimeException(e);
            LOGGER.throwing(getClass().getName(), "parse", runtimeException);
            throw runtimeException;
        }
    }

    private ContentInfo getContentInfo() {
        return new ContentInfo(CMSObjectIdentifiers.data, getContent());
    }

    private Attribute getContentType() {
        return new Attribute(CMSAttributes.contentType, new DERSet(PKCSObjectIdentifiers.data));
    }

    private DEREncodable getContent() {
        return new BERConstructedOctetString(this.content);
    }

    private ASN1Set getCertificates() {
        return new DERSet(getCertificate());
    }

    private X509CertificateStructure getCertificate() {
        try {
            return new X509CertificateStructure(ASN1Object.fromByteArray(this.identity.getEncoded()));
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (CertificateEncodingException e2) {
            throw new RuntimeException(e2);
        }
    }

    private ASN1Set getCRLs() {
        return null;
    }

    private ASN1Set getSignerInfos() throws IOException, GeneralSecurityException {
        return new DERSet(getSignerInfo());
    }

    private SignerInfo getSignerInfo() throws IOException, GeneralSecurityException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        Signature signature = Signature.getInstance("SHA1withRSA");
        messageDigest.update(this.content.getEncoded());
        this.hash = messageDigest.digest();
        Hashtable hashtable = new Hashtable();
        hashtable.put(getTransactionId().getAttrType(), getTransactionId());
        hashtable.put(getMessageType().getAttrType(), getMessageType());
        hashtable.put(getSenderNonce().getAttrType(), getSenderNonce());
        hashtable.put(getContentType().getAttrType(), getContentType());
        hashtable.put(getSigningTime().getAttrType(), getSigningTime());
        hashtable.put(getMessageDigest().getAttrType(), getMessageDigest());
        if (this.pkiStatus != null) {
            hashtable.put(getStatus().getAttrType(), getStatus());
        }
        if (this.failInfo != null) {
            hashtable.put(getFailInfo().getAttrType(), getFailInfo());
        }
        if (this.recipientNonce != null) {
            hashtable.put(getRecipientNonce().getAttrType(), getRecipientNonce());
        }
        DERSet dERSet = new DERSet(new AttributeTable(hashtable).toASN1EncodableVector());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        new DEROutputStream(byteArrayOutputStream).writeObject(dERSet);
        signature.initSign(this.keyPair.getPrivate());
        signature.update(byteArrayOutputStream.toByteArray());
        return new SignerInfo(getSignerIdentifier(), getDigestAlgorithm(), dERSet, getDigestEncryptionAlgorithm(), new DEROctetString(signature.sign()), getUnauthenticatedAttributes());
    }

    private ASN1Set getUnauthenticatedAttributes() {
        return null;
    }

    private Attribute getMessageType() {
        return new Attribute(SCEPObjectIdentifiers.messageType, new DERSet(new DERPrintableString(Integer.toString(this.msgType.getValue()))));
    }

    private Attribute getMessageDigest() {
        return new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(this.hash)));
    }

    private Attribute getSigningTime() {
        return new Attribute(CMSAttributes.signingTime, new DERSet(new Time(new Date())));
    }

    private Attribute getSenderNonce() {
        return new Attribute(SCEPObjectIdentifiers.senderNonce, new DERSet(new DEROctetString(this.senderNonce.getBytes())));
    }

    private Attribute getTransactionId() {
        return new Attribute(SCEPObjectIdentifiers.transId, new DERSet(new DERPrintableString(this.transId.getBytes())));
    }

    private ASN1Set getDigestAlgorithms() {
        return new DERSet(getDigestAlgorithm());
    }

    private AlgorithmIdentifier getDigestAlgorithm() {
        return AlgorithmDictionary.getAlgId(this.digestAlgorithm);
    }

    private AlgorithmIdentifier getDigestEncryptionAlgorithm() {
        return new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
    }

    private SignerIdentifier getSignerIdentifier() {
        return new SignerIdentifier(getIssuerAndSerialNumber());
    }

    private IssuerAndSerialNumber getIssuerAndSerialNumber() {
        return new IssuerAndSerialNumber(getIssuer(), getSerialNumber());
    }

    private X509Name getIssuer() {
        return new X509Name(this.identity.getIssuerDN().getName());
    }

    private BigInteger getSerialNumber() {
        return this.identity.getSerialNumber();
    }

    private Attribute getFailInfo() {
        return new Attribute(SCEPObjectIdentifiers.failInfo, new DERSet(new DERPrintableString(Integer.toString(this.failInfo.getValue()))));
    }

    private Attribute getStatus() {
        return new Attribute(SCEPObjectIdentifiers.pkiStatus, new DERSet(new DERPrintableString(Integer.toString(this.pkiStatus.getValue()))));
    }

    private Attribute getRecipientNonce() {
        return new Attribute(SCEPObjectIdentifiers.recipientNonce, new DERSet(new DEROctetString(this.recipientNonce.getBytes())));
    }

    static {
        $assertionsDisabled = !PkiMessageGenerator.class.desiredAssertionStatus();
        LOGGER = LoggingUtil.getLogger("com.google.code.jscep.pkcs7");
    }
}
