package org.xipki.cmp.client;

import java.security.SecureRandom;
import org.bouncycastle.asn1.cmp.PBMParameter;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.GeneralName;
import org.xipki.security.ConcurrentContentSigner;
import org.xipki.security.HashAlgo;
import org.xipki.security.SignAlgo;
import org.xipki.util.Args;

/* loaded from: input_file:WEB-INF/lib/cmp-client-6.1.0.jar:org/xipki/cmp/client/Requestor.class */
public abstract class Requestor {
    private static final X500Name NULL_GENERALNAME = new X500Name(new RDN[0]);
    private final GeneralName name;

    /* loaded from: input_file:WEB-INF/lib/cmp-client-6.1.0.jar:org/xipki/cmp/client/Requestor$PbmMacCmpRequestor.class */
    public static class PbmMacCmpRequestor extends Requestor {
        private final SecureRandom random;
        private final char[] password;
        private final byte[] senderKID;
        private final HashAlgo owf;
        private final int iterationCount;
        private final SignAlgo mac;

        public PbmMacCmpRequestor(char[] cArr, byte[] bArr, HashAlgo hashAlgo, int i, SignAlgo signAlgo) {
            super(Requestor.NULL_GENERALNAME);
            this.random = new SecureRandom();
            this.password = cArr;
            this.senderKID = bArr;
            this.owf = hashAlgo;
            this.iterationCount = i;
            this.mac = signAlgo;
        }

        public char[] getPassword() {
            return this.password;
        }

        public byte[] getSenderKID() {
            return this.senderKID;
        }

        public PBMParameter getParameter() {
            return new PBMParameter(randomSalt(), this.owf.getAlgorithmIdentifier(), this.iterationCount, this.mac.getAlgorithmIdentifier());
        }

        private byte[] randomSalt() {
            byte[] bArr = new byte[64];
            this.random.nextBytes(bArr);
            return bArr;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/cmp-client-6.1.0.jar:org/xipki/cmp/client/Requestor$SignatureCmpRequestor.class */
    public static class SignatureCmpRequestor extends Requestor {
        private final ConcurrentContentSigner signer;

        public SignatureCmpRequestor(ConcurrentContentSigner concurrentContentSigner) {
            super(getSignerSubject(concurrentContentSigner));
            this.signer = concurrentContentSigner;
        }

        public ConcurrentContentSigner getSigner() {
            return this.signer;
        }

        private static X500Name getSignerSubject(ConcurrentContentSigner concurrentContentSigner) {
            Args.notNull(concurrentContentSigner, "signer");
            if (concurrentContentSigner.getCertificate() == null) {
                throw new IllegalArgumentException("requestor without certificate is not allowed");
            }
            return concurrentContentSigner.getCertificate().getSubject();
        }
    }

    private Requestor(X500Name x500Name) {
        this.name = new GeneralName((X500Name) Args.notNull(x500Name, "name"));
    }

    public GeneralName getName() {
        return this.name;
    }
}
