package de.rwh.utils.crypto;

import java.io.IOException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Objects;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

/* loaded from: input_file:de/rwh/utils/crypto/CertificationRequestBuilder.class */
public class CertificationRequestBuilder {
    public static void registerBouncyCastleProvider() {
        CertificateHelper.registerBouncyCastleProvider();
    }

    public static KeyPair createRsaKeyPair4096Bit() throws NoSuchAlgorithmException {
        return CertificateHelper.createRsaKeyPair4096Bit();
    }

    public static X500Name createSubject(String str, String str2, String str3, String str4, String str5, String str6) {
        X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        if (str != null && !str.isEmpty()) {
            x500NameBuilder.addRDN(BCStyle.C, str);
        }
        if (str2 != null && !str2.isEmpty()) {
            x500NameBuilder.addRDN(BCStyle.ST, str2);
        }
        if (str3 != null && !str3.isEmpty()) {
            x500NameBuilder.addRDN(BCStyle.L, str3);
        }
        if (str4 != null && !str4.isEmpty()) {
            x500NameBuilder.addRDN(BCStyle.O, str4);
        }
        if (str5 != null && !str5.isEmpty()) {
            x500NameBuilder.addRDN(BCStyle.OU, str5);
        }
        if (str6 != null && !str6.isEmpty()) {
            x500NameBuilder.addRDN(BCStyle.CN, str6);
        }
        return x500NameBuilder.build();
    }

    private static JcaPKCS10CertificationRequest createCertificationRequest(boolean z, X500Name x500Name, KeyPair keyPair) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(z, x500Name, keyPair, (String) null, new String[0]);
    }

    public static JcaPKCS10CertificationRequest createServerCertificationRequest(X500Name x500Name, KeyPair keyPair) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(true, x500Name, keyPair);
    }

    public static JcaPKCS10CertificationRequest createClientCertificationRequest(X500Name x500Name, KeyPair keyPair) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(false, x500Name, keyPair);
    }

    private static JcaPKCS10CertificationRequest createCertificationRequest(boolean z, X500Name x500Name, KeyPair keyPair, String str, String... strArr) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(z, x500Name, keyPair, str, Arrays.asList(strArr));
    }

    public static JcaPKCS10CertificationRequest createServerCertificationRequest(X500Name x500Name, KeyPair keyPair, String str, String... strArr) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(true, x500Name, keyPair, str, strArr);
    }

    public static JcaPKCS10CertificationRequest createClientCertificationRequest(X500Name x500Name, KeyPair keyPair, String str, String... strArr) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(false, x500Name, keyPair, str, strArr);
    }

    private static JcaPKCS10CertificationRequest createCertificationRequest(boolean z, X500Name x500Name, KeyPair keyPair, String str, Collection<String> collection) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        Objects.requireNonNull(x500Name, "subject");
        Objects.requireNonNull(keyPair, "rsaKeyPair");
        Objects.requireNonNull(collection, "dnsNames");
        if (!z && !collection.isEmpty()) {
            throw new IllegalArgumentException("DNS Names not supported for client certificate requests");
        }
        JcaPKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(x500Name, keyPair.getPublic());
        ArrayList arrayList = new ArrayList(collection.size() + 1);
        if (str != null && !str.isEmpty()) {
            arrayList.add(new GeneralName(1, str));
        }
        for (String str2 : collection) {
            if (str2 != null && !str2.isEmpty()) {
                arrayList.add(new GeneralName(2, str2));
            }
        }
        KeyUsage keyUsage = z ? new KeyUsage(240) : new KeyUsage(224);
        ASN1Encodable dERSequence = new DERSequence(new ASN1Encodable[]{Extension.basicConstraints, new DEROctetString(new BasicConstraints(false))});
        ASN1Encodable dERSequence2 = new DERSequence(new ASN1Encodable[]{Extension.keyUsage, new DEROctetString(keyUsage)});
        if (arrayList.size() > 0) {
            jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new DERSequence(new ASN1Encodable[]{dERSequence, dERSequence2, new DERSequence(new ASN1Encodable[]{Extension.subjectAlternativeName, new DEROctetString(new GeneralNames((GeneralName[]) arrayList.toArray(new GeneralName[arrayList.size()])))})}));
        } else {
            jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new DERSequence(new ASN1Encodable[]{dERSequence, dERSequence2}));
        }
        return new JcaPKCS10CertificationRequest(jcaPKCS10CertificationRequestBuilder.build(CertificateHelper.getContentSigner(keyPair.getPrivate())));
    }

    public static JcaPKCS10CertificationRequest createServerCertificationRequest(X500Name x500Name, KeyPair keyPair, String str, Collection<String> collection) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(true, x500Name, keyPair, str, collection);
    }

    public static JcaPKCS10CertificationRequest createClientCertificationRequest(X500Name x500Name, KeyPair keyPair, String str, Collection<String> collection) throws NoSuchAlgorithmException, IOException, OperatorCreationException, IllegalStateException {
        return createCertificationRequest(false, x500Name, keyPair, str, collection);
    }
}
