package com.tibco.security.impl.j2se;

import com.tibco.security.AXSecurityException;
import com.tibco.security.CSR;
import com.tibco.security.Cert;
import com.tibco.security.DN;
import com.tibco.security.Hasher;
import com.tibco.security.PKFactory;
import com.tibco.security.ShroudedPK;
import com.tibco.security.impl.ooOO;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.apache.harmony.security.pkcs10.CertificationRequest;
import org.apache.harmony.security.pkcs10.CertificationRequestInfo;
import org.apache.harmony.security.utils.AlgNameMapper;
import org.apache.harmony.security.x501.Name;
import org.apache.harmony.security.x509.AlgorithmIdentifier;
import org.apache.harmony.security.x509.AlternativeName;
import org.apache.harmony.security.x509.BasicConstraints;
import org.apache.harmony.security.x509.Certificate;
import org.apache.harmony.security.x509.Extension;
import org.apache.harmony.security.x509.Extensions;
import org.apache.harmony.security.x509.GeneralName;
import org.apache.harmony.security.x509.GeneralNames;
import org.apache.harmony.security.x509.KeyUsage;
import org.apache.harmony.security.x509.SubjectKeyIdentifier;
import org.apache.harmony.security.x509.SubjectPublicKeyInfo;
import org.apache.harmony.security.x509.TBSCertificate;
import org.apache.harmony.security.x509.Validity;

/* loaded from: input_file:com/tibco/security/impl/j2se/CSRImpl.class */
public class CSRImpl extends CSR {
    private static final long serialVersionUID = 1;
    private ShroudedPK privateKey = null;
    private PublicKey m_publicKey;

    @Override // com.tibco.security.CSR
    public byte[] generateCSR(char[] cArr, int i, String str, DN dn) throws AXSecurityException {
        AlgorithmIdentifier algorithmIdentifier;
        KeyPair m78super = m78super(cArr, i, str);
        try {
            CertificationRequestInfo certificationRequestInfo = new CertificationRequestInfo(0, new Name(dn.toString()), (SubjectPublicKeyInfo) SubjectPublicKeyInfo.ASN1.decode(m78super.getPublic().getEncoded()), (List) null);
            if (str.equalsIgnoreCase("RSA")) {
                algorithmIdentifier = new AlgorithmIdentifier(AlgNameMapper.map2OID("SHA256withRSA"), new byte[]{5});
            } else {
                if (!str.equalsIgnoreCase("DSA")) {
                    throw new AXSecurityException("unrecognized key algorithm: " + str);
                }
                algorithmIdentifier = new AlgorithmIdentifier(AlgNameMapper.map2OID("SHA1withDSA"), new byte[]{5});
            }
            Signature signature = Signature.getInstance(algorithmIdentifier.getAlgorithmName());
            signature.initSign(m78super.getPrivate());
            signature.update(certificationRequestInfo.getEncoded());
            return new CertificationRequest(certificationRequestInfo, algorithmIdentifier, signature.sign()).getEncoded();
        } catch (IOException e) {
            throw new AXSecurityException(e);
        } catch (InvalidKeyException e2) {
            throw new AXSecurityException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new AXSecurityException(e3);
        } catch (SignatureException e4) {
            throw new AXSecurityException(e4);
        }
    }

    /* renamed from: super, reason: not valid java name */
    KeyPair m78super(char[] cArr, int i, String str) throws AXSecurityException {
        KeyPairGenerator keyPairGenerator;
        try {
            String jCEProvider = ooOO.getInstance().getJCEProvider(0);
            try {
                keyPairGenerator = KeyPairGenerator.getInstance(str, jCEProvider);
            } catch (NoSuchAlgorithmException unused) {
                logger.debug(String.valueOf(jCEProvider) + "doesn't have " + str);
                keyPairGenerator = KeyPairGenerator.getInstance(str);
            }
            keyPairGenerator.initialize(i);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            this.privateKey = PKFactory.createShroudedPK(PKFactory.createPK(generateKeyPair.getPrivate()), cArr, 2);
            return generateKeyPair;
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }

    @Override // com.tibco.security.CSR
    public Cert generateSelfSignedCert(char[] cArr, int i, String str, DN dn, Date date, Date date2, BigInteger bigInteger) throws AXSecurityException {
        AlgorithmIdentifier algorithmIdentifier;
        if (str.equalsIgnoreCase("RSA")) {
            algorithmIdentifier = new AlgorithmIdentifier(AlgNameMapper.map2OID("SHA256withRSA"), new byte[]{5});
        } else {
            if (!str.equalsIgnoreCase("DSA")) {
                throw new AXSecurityException("unrecognized key algorithm: " + str);
            }
            algorithmIdentifier = new AlgorithmIdentifier(AlgNameMapper.map2OID("SHA1withDSA"), new byte[]{5});
        }
        KeyPair m78super = m78super(cArr, i, str);
        try {
            SubjectPublicKeyInfo subjectPublicKeyInfo = (SubjectPublicKeyInfo) SubjectPublicKeyInfo.ASN1.decode(m78super.getPublic().getEncoded());
            Name name = new Name(dn.toString());
            Validity validity = new Validity(date, date2);
            ArrayList arrayList = new ArrayList();
            arrayList.add(new Extension("2.5.29.15", true, new KeyUsage(new boolean[]{true, true, true, true, false, true, true})));
            arrayList.add(new Extension("2.5.29.19", false, new BasicConstraints(false, -1)));
            String attributeValue = dn.getAttributeValue(DN.EMAIL);
            if (attributeValue != null) {
                GeneralNames generalNames = new GeneralNames();
                generalNames.addName(new GeneralName(1, attributeValue));
                arrayList.add(new Extension("2.5.29.17", false, new AlternativeName(true, generalNames)));
            }
            MessageDigest messageDigest = MessageDigest.getInstance(Hasher.SHA1);
            messageDigest.reset();
            arrayList.add(new Extension("2.5.29.14", false, new SubjectKeyIdentifier(messageDigest.digest(subjectPublicKeyInfo.getSubjectPublicKey()))));
            TBSCertificate tBSCertificate = new TBSCertificate(2, bigInteger, algorithmIdentifier, name, validity, name, subjectPublicKeyInfo, (boolean[]) null, (boolean[]) null, new Extensions(arrayList));
            Signature signature = Signature.getInstance(algorithmIdentifier.getAlgorithm());
            signature.initSign(m78super.getPrivate());
            signature.update(tBSCertificate.getEncoded());
            return new CertImpl((X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(new Certificate(tBSCertificate, algorithmIdentifier, signature.sign()).getEncoded())));
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }

    @Override // com.tibco.security.CSR
    public ShroudedPK getPrivateKey() {
        return this.privateKey;
    }

    @Override // com.tibco.security.CSR
    public PublicKey getPublicKey() {
        return this.m_publicKey;
    }
}
