package org.jscep.operations;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.Signature;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.pkcs.CertificationRequest;
import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Name;
import org.jscep.pkcs9.ChallengePasswordAttribute;
import org.jscep.transaction.MessageType;
import org.jscep.util.AlgorithmDictionary;

/* loaded from: input_file:org/jscep/operations/PKCSReq.class */
public class PKCSReq implements DelayablePKIOperation<CertificationRequest> {
    private final X509Certificate identity;
    private final char[] password;
    private final KeyPair keyPair;
    private final String digestAlgorithm;

    public PKCSReq(KeyPair keyPair, X509Certificate x509Certificate, String str, char[] cArr) {
        this.keyPair = keyPair;
        this.identity = x509Certificate;
        this.password = cArr;
        this.digestAlgorithm = str;
    }

    @Override // org.jscep.operations.PKIOperation
    public MessageType getMessageType() {
        return MessageType.PKCSReq;
    }

    @Override // org.jscep.operations.PKIOperation
    /* renamed from: getMessage, reason: merged with bridge method [inline-methods] */
    public CertificationRequest mo5getMessage() throws IOException {
        try {
            CertificationRequestInfo certificationRequestInfo = getCertificationRequestInfo();
            return new CertificationRequest(certificationRequestInfo, getSignatureAlgorithm(), sign(certificationRequestInfo));
        } catch (GeneralSecurityException e) {
            throw new IOException(e);
        }
    }

    private CertificationRequestInfo getCertificationRequestInfo() throws IOException {
        return new CertificationRequestInfo(getSubject(), getPublicKeyInfo(), getAttributes());
    }

    private X509Name getSubject() {
        return new X509Name(this.identity.getSubjectX500Principal().getName());
    }

    private DERSet getAttributes() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ChallengePasswordAttribute(new String(this.password)));
        return new DERSet(aSN1EncodableVector);
    }

    private DERBitString sign(CertificationRequestInfo certificationRequestInfo) throws GeneralSecurityException {
        Signature signature = Signature.getInstance(AlgorithmDictionary.lookup(getSignatureAlgorithm()));
        signature.initSign(this.keyPair.getPrivate());
        signature.update(certificationRequestInfo.getDEREncoded());
        return new DERBitString(signature.sign());
    }

    private SubjectPublicKeyInfo getPublicKeyInfo() throws IOException {
        return new SubjectPublicKeyInfo(new ASN1InputStream(new ByteArrayInputStream(this.keyPair.getPublic().getEncoded())).readObject());
    }

    private AlgorithmIdentifier getSignatureAlgorithm() {
        return new AlgorithmIdentifier(AlgorithmDictionary.getOid(AlgorithmDictionary.getRSASignatureAlgorithm(this.digestAlgorithm)));
    }

    public String toString() {
        return getMessageType().toString();
    }
}
