package com.google.code.jscep.transaction;

import com.google.code.jscep.PKIOperationFailureException;
import com.google.code.jscep.RequestPendingException;
import com.google.code.jscep.operations.PKIOperation;
import com.google.code.jscep.pkcs7.MessageData;
import com.google.code.jscep.pkcs7.PkiMessage;
import com.google.code.jscep.pkcs7.PkiMessageGenerator;
import com.google.code.jscep.pkcs7.SignedDataParser;
import com.google.code.jscep.request.PKCSReq;
import com.google.code.jscep.transport.Transport;
import com.google.code.jscep.util.LoggingUtil;
import com.google.code.jscep.util.SignedDataUtil;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.cert.CertStore;
import java.util.logging.Logger;
import org.bouncycastle.asn1.DEREncodable;

/* loaded from: input_file:com/google/code/jscep/transaction/Transaction.class */
public class Transaction {
    private static NonceQueue QUEUE = new NonceQueue(20);
    private static Logger LOGGER = LoggingUtil.getLogger("com.google.code.jscep.transaction");
    private final TransactionId transId;
    private final Nonce senderNonce = Nonce.nextNonce();
    private final KeyPair keyPair;
    private final Transport transport;
    private final PkiMessageGenerator msgGenerator;

    /* JADX INFO: Access modifiers changed from: package-private */
    public Transaction(Transport transport, KeyPair keyPair, PkiMessageGenerator pkiMessageGenerator, String str) {
        this.transport = transport;
        this.keyPair = keyPair;
        this.transId = TransactionId.createTransactionId(keyPair, str);
        this.msgGenerator = pkiMessageGenerator;
    }

    public <T extends DEREncodable> CertStore performOperation(PKIOperation<T> pKIOperation) throws IOException, PKIOperationFailureException, RequestPendingException {
        LOGGER.entering(getClass().getName(), "performOperation", pKIOperation);
        this.msgGenerator.setMessageType(pKIOperation.getMessageType());
        this.msgGenerator.setSenderNonce(this.senderNonce);
        this.msgGenerator.setTransactionId(this.transId);
        this.msgGenerator.setMessageData(MessageData.getInstance(pKIOperation.getMessage()));
        PkiMessage pkiMessage = (PkiMessage) this.transport.sendMessage(new PKCSReq(this.msgGenerator.generate(), this.keyPair));
        if (!pkiMessage.getTransactionId().equals(this.transId)) {
            IOException iOException = new IOException("Transaction ID Mismatch: Sent [" + this.transId + "]; Received [" + pkiMessage.getTransactionId() + "]");
            LOGGER.throwing(getClass().getName(), "performOperation", iOException);
            throw iOException;
        }
        if (!pkiMessage.getRecipientNonce().equals(this.senderNonce)) {
            throw new InvalidNonceException("Response recipient nonce and request sender nonce are not equal");
        }
        if (QUEUE.contains(pkiMessage.getSenderNonce())) {
            throw new InvalidNonceException("This nonce has been encountered before.  Possible replay attack?");
        }
        QUEUE.offer(pkiMessage.getSenderNonce());
        if (pkiMessage.getPkiStatus().equals(PkiStatus.FAILURE)) {
            PKIOperationFailureException pKIOperationFailureException = new PKIOperationFailureException(pkiMessage.getFailInfo());
            LOGGER.throwing(getClass().getName(), "performOperation", pKIOperationFailureException);
            throw pKIOperationFailureException;
        }
        if (pkiMessage.getPkiStatus().equals(PkiStatus.PENDING)) {
            RequestPendingException requestPendingException = new RequestPendingException();
            LOGGER.throwing(getClass().getName(), "performOperation", requestPendingException);
            throw requestPendingException;
        }
        try {
            CertStore extractCertStore = SignedDataUtil.extractCertStore(new SignedDataParser().parse(pkiMessage.getPkcsPkiEnvelope().getMessageData().getContent()));
            LOGGER.exiting(getClass().getName(), "performOperation", extractCertStore);
            return extractCertStore;
        } catch (GeneralSecurityException e) {
            IOException iOException2 = new IOException(e);
            LOGGER.throwing(getClass().getName(), "getContent", iOException2);
            throw iOException2;
        }
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("Transaction [\n");
        sb.append("\ttransactionId: " + this.transId + "\n");
        sb.append("]");
        return sb.toString();
    }
}
