package org.cesecore.certificates.ca.internal;

import java.lang.reflect.InvocationTargetException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.cesecore.config.CesecoreConfiguration;
import org.cesecore.internal.InternalResources;

/* loaded from: input_file:org/cesecore/certificates/ca/internal/SernoGeneratorRandom.class */
public class SernoGeneratorRandom implements SernoGenerator {
    private String algorithm;
    private SecureRandom random;
    private static final Logger log = Logger.getLogger(SernoGeneratorRandom.class);
    private static final InternalResources intres = InternalResources.getInstance();
    private static SernoGeneratorRandom instance = null;
    private int noOctets = 8;
    private BigInteger lowest = new BigInteger("0080000000000000", 16);
    private BigInteger highest = new BigInteger("7FFFFFFFFFFFFFFF", 16);

    protected SernoGeneratorRandom() {
        this.algorithm = "SHA1PRNG";
        if (log.isTraceEnabled()) {
            log.trace(">SernoGenerator()");
        }
        this.algorithm = CesecoreConfiguration.getCaSerialNumberAlgorithm();
        setSernoOctetSize(CesecoreConfiguration.getCaSerialNumberOctetSize());
        init();
        if (log.isTraceEnabled()) {
            log.trace("<SernoGenerator()");
        }
    }

    private void init() {
        try {
            if (!StringUtils.isEmpty(this.algorithm) && !StringUtils.containsIgnoreCase(this.algorithm, "default")) {
                this.random = SecureRandom.getInstance(this.algorithm);
                log.info("Using " + this.algorithm + " serialNumber RNG algorithm.");
            } else if (!StringUtils.isEmpty(this.algorithm) && StringUtils.equalsIgnoreCase(this.algorithm, "defaultstrong")) {
                try {
                    this.random = (SecureRandom) SecureRandom.class.getDeclaredMethod("getInstanceStrong", new Class[0]).invoke(null, new Object[0]);
                    log.info("Using SecureRandom.getInstanceStrong() with " + this.random.getAlgorithm() + " for serialNumber RNG algorithm.");
                } catch (IllegalAccessException | IllegalArgumentException | NoSuchMethodException | SecurityException | InvocationTargetException e) {
                    throw new IllegalStateException("SecureRandom.getInstanceStrong() is not available or failed invocation. (This method was added in Java 8.)");
                }
            } else if (!StringUtils.isEmpty(this.algorithm) && StringUtils.equalsIgnoreCase(this.algorithm, "default")) {
                this.random = new SecureRandom();
                log.info("Using default " + this.random.getAlgorithm() + " serialNumber RNG algorithm.");
            }
            if (this.random == null) {
                throw new IllegalStateException("Algorithm " + this.algorithm + " was not a valid algorithm.");
            }
            this.random.nextBytes(new byte[20]);
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalStateException("Algorithm " + this.algorithm + " was not a valid algorithm.", e2);
        }
    }

    public static synchronized SernoGenerator instance() {
        if (instance == null) {
            instance = new SernoGeneratorRandom();
        }
        return instance;
    }

    @Override // org.cesecore.certificates.ca.internal.SernoGenerator
    public synchronized BigInteger getSerno() {
        if (this.noOctets == 0) {
            return new BigInteger(Long.toString(new Random().nextInt(4)));
        }
        byte[] bArr = new byte[this.noOctets];
        boolean z = false;
        BigInteger bigInteger = null;
        while (!z) {
            this.random.nextBytes(bArr);
            bigInteger = new BigInteger(bArr).abs();
            if (checkSernoValidity(bigInteger)) {
                z = true;
            } else {
                log.info(intres.getLocalizedMessage("sernogenerator.discarding", new Object[0]));
            }
        }
        return bigInteger;
    }

    protected boolean checkSernoValidity(BigInteger bigInteger) {
        return bigInteger.compareTo(this.lowest) >= 0 && bigInteger.compareTo(this.highest) <= 0;
    }

    @Override // org.cesecore.certificates.ca.internal.SernoGenerator
    public int getNoSernoBytes() {
        return this.noOctets;
    }

    @Override // org.cesecore.certificates.ca.internal.SernoGenerator
    public void setSeed(long j) {
        this.random.setSeed(j);
    }

    @Override // org.cesecore.certificates.ca.internal.SernoGenerator
    public void setAlgorithm(String str) throws NoSuchAlgorithmException {
        if (this.algorithm == null || !this.algorithm.equals(str)) {
            this.algorithm = str;
            this.random = null;
            init();
        }
    }

    protected String getAlgorithm() {
        return this.random.getAlgorithm();
    }

    @Override // org.cesecore.certificates.ca.internal.SernoGenerator
    public void setSernoOctetSize(int i) {
        if (this.noOctets != i) {
            if (i > 20 && i != 0) {
                throw new IllegalArgumentException("SernoOctetSize must be between 4 and 20 bytes for this generator.");
            }
            char[] cArr = new char[i * 2];
            Arrays.fill(cArr, '0');
            cArr[2] = '8';
            this.lowest = new BigInteger(String.valueOf(cArr), 16);
            Arrays.fill(cArr, 'F');
            cArr[0] = '7';
            this.highest = new BigInteger(String.valueOf(cArr), 16);
            this.noOctets = i;
        }
    }
}
