package com.formosoft.jpki.scep;

import com.formosoft.jpki.InvalidFormatException;
import com.formosoft.jpki.asn1.ASN1ObjectID;
import com.formosoft.jpki.asn1.ASN1OctetString;
import com.formosoft.jpki.asn1.ASN1PrintableString;
import com.formosoft.jpki.oid.OIDFactory;
import com.formosoft.jpki.pkcs10.PKCS10;
import com.formosoft.jpki.pkcs6.ExtendedCertificateOrCertificate;
import com.formosoft.jpki.pkcs7.EncryptedContentInfo;
import com.formosoft.jpki.pkcs7.EnvelopedData;
import com.formosoft.jpki.pkcs7.IssuerAndSerialNumber;
import com.formosoft.jpki.pkcs7.PKCS7;
import com.formosoft.jpki.pkcs7.RecipientInfo;
import com.formosoft.jpki.pkcs7.SetOfRecipientInfo;
import com.formosoft.jpki.pkcs7.SignedData;
import com.formosoft.jpki.pkcs7.SignerInfo;
import com.formosoft.jpki.util.JCAAlgorithm;
import com.formosoft.jpki.util.RSAUtil;
import com.formosoft.jpki.x501.Attribute;
import com.formosoft.jpki.x501.SetOfAttribute;
import com.formosoft.jpki.x509.X509Algorithm;
import com.formosoft.jpki.x509.X509Certificate;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Random;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/formosoft/jpki/scep/SCEPRequestGenerator.class */
public class SCEPRequestGenerator {
    private PKCS10 certReq;
    private X509Certificate cacert;
    private X509Certificate cert;

    public SCEPRequestGenerator(PKCS10 pkcs10, X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        this.certReq = pkcs10;
        this.cacert = x509Certificate;
        this.cert = x509Certificate2;
    }

    public SCEPRequest sign(PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, InvalidFormatException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException {
        if (this.certReq == null) {
            throw new InvalidFormatException("PKCS10 object is null");
        }
        if (this.cacert == null) {
            throw new InvalidFormatException("certificates object of CA is null");
        }
        if (this.cert == null) {
            throw new InvalidFormatException("certificates object of end entity is null");
        }
        SecretKey generateKey = KeyGenerator.getInstance("DES").generateKey();
        X509Algorithm x509Algorithm = new X509Algorithm(OIDFactory.getObjectIdentifier("rsaEncryption"));
        RecipientInfo recipientInfo = new RecipientInfo(0, new IssuerAndSerialNumber(this.cacert), x509Algorithm, RSAUtil.encrypt((RSAPublicKey) this.cacert.getPublicKey(), generateKey.getEncoded()));
        Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
        cipher.init(1, generateKey);
        byte[] doFinal = cipher.doFinal(this.certReq.getEncoded());
        EncryptedContentInfo encryptedContentInfo = new EncryptedContentInfo(OIDFactory.getObjectIdentifier("rsaEncryption"), new X509Algorithm(OIDFactory.getObjectIdentifier("des-cbc"), new ASN1OctetString(cipher.getIV())), doFinal);
        ArrayList arrayList = new ArrayList();
        arrayList.add(0, recipientInfo);
        EnvelopedData envelopedData = new EnvelopedData(0, new SetOfRecipientInfo(arrayList), encryptedContentInfo);
        X509Algorithm x509Algorithm2 = new X509Algorithm(OIDFactory.getObjectIdentifier("md5"));
        PKCS7 pkcs7 = new PKCS7(new ASN1OctetString(envelopedData.getEncoded()));
        BigInteger serialNumber = this.cert.getSerialNumber();
        IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(this.cert);
        Attribute attribute = new Attribute(OIDFactory.getObjectIdentifier("contentType"), ASN1ObjectID.getInstance("pkcs7-data"));
        Attribute attribute2 = new Attribute(OIDFactory.getObjectIdentifier("messageDigest"), new ASN1OctetString(MessageDigest.getInstance("MD5").digest(envelopedData.getEncoded())));
        Attribute attribute3 = new Attribute(OIDFactory.getObjectIdentifier("2.16.840.1.113733.1.9.7"), ASN1PrintableString.getInstance(serialNumber.toByteArray()));
        Attribute attribute4 = new Attribute(OIDFactory.getObjectIdentifier("2.16.840.1.113733.1.9.2"), ASN1PrintableString.getInstance("19".getBytes()));
        byte[] bArr = new byte[16];
        new Random(1227L).nextBytes(bArr);
        Attribute attribute5 = new Attribute(OIDFactory.getObjectIdentifier("2.16.840.1.113733.1.9.5"), new ASN1OctetString(bArr));
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(0, attribute);
        arrayList2.add(1, attribute2);
        arrayList2.add(2, attribute3);
        arrayList2.add(3, attribute4);
        arrayList2.add(4, attribute5);
        SetOfAttribute setOfAttribute = new SetOfAttribute(arrayList2);
        Signature signature = Signature.getInstance("MD5withRSA");
        String algorithm = signature.getAlgorithm();
        if (JCAAlgorithm.getObjectIdentifier(algorithm) == null) {
            throw new NoSuchAlgorithmException(algorithm);
        }
        signature.initSign(privateKey);
        signature.update(setOfAttribute.getContentValue());
        SignerInfo signerInfo = new SignerInfo(1, issuerAndSerialNumber, setOfAttribute, x509Algorithm2, x509Algorithm, signature.sign(), null);
        ArrayList arrayList3 = new ArrayList();
        ArrayList arrayList4 = new ArrayList();
        ArrayList arrayList5 = new ArrayList();
        ArrayList arrayList6 = new ArrayList();
        arrayList3.add(0, x509Algorithm2);
        arrayList4.add(0, new ExtendedCertificateOrCertificate(this.cert));
        arrayList6.add(0, signerInfo);
        return new SCEPRequest(new SignedData(arrayList3, pkcs7, arrayList4, arrayList5, arrayList6));
    }
}
