package org.jruby.ext.openssl;

import java.io.IOException;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.pkcs.Attribute;
import org.bouncycastle.asn1.x500.X500Name;
import org.jruby.Ruby;
import org.jruby.RubyArray;
import org.jruby.RubyClass;
import org.jruby.RubyModule;
import org.jruby.RubyObject;
import org.jruby.RubyString;
import org.jruby.anno.JRubyMethod;
import org.jruby.exceptions.RaiseException;
import org.jruby.ext.openssl.impl.ASN1Registry;
import org.jruby.ext.openssl.impl.PKCS10Request;
import org.jruby.ext.openssl.x509store.PEMInputOutput;
import org.jruby.runtime.Arity;
import org.jruby.runtime.ObjectAllocator;
import org.jruby.runtime.ThreadContext;
import org.jruby.runtime.Visibility;
import org.jruby.runtime.builtin.IRubyObject;

/* loaded from: input_file:/home/enebo/work/release/lib/target/classes/META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/X509Request.class */
public class X509Request extends RubyObject {
    private static final long serialVersionUID = -2886532636278901502L;
    private static ObjectAllocator REQUEST_ALLOCATOR = new ObjectAllocator() { // from class: org.jruby.ext.openssl.X509Request.1
        public IRubyObject allocate(Ruby ruby, RubyClass rubyClass) {
            return new X509Request(ruby, rubyClass);
        }
    };
    private IRubyObject subject;
    private PKey public_key;
    private IRubyObject version;
    private final List<X509Attribute> attributes;
    private transient PKCS10Request request;

    public static void createRequest(Ruby ruby, RubyModule rubyModule) {
        RubyClass defineClassUnder = rubyModule.defineClassUnder("Request", ruby.getObject(), REQUEST_ALLOCATOR);
        RubyClass rubyClass = ruby.getModule("OpenSSL").getClass("OpenSSLError");
        rubyModule.defineClassUnder("RequestError", rubyClass, rubyClass.getAllocator());
        defineClassUnder.defineAnnotatedMethods(X509Request.class);
    }

    static RubyClass _RequestError(Ruby ruby) {
        return X509._X509(ruby).getConstantAt("RequestError");
    }

    public X509Request(Ruby ruby, RubyClass rubyClass) {
        super(ruby, rubyClass);
        this.attributes = new ArrayList(4);
    }

    @JRubyMethod(name = {"initialize"}, rest = true, visibility = Visibility.PRIVATE)
    public IRubyObject initialize(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
        Ruby ruby = threadContext.runtime;
        if (Arity.checkArgumentCount(ruby, iRubyObjectArr, 0, 1) == 0) {
            return this;
        }
        try {
            this.request = new PKCS10Request(StringHelper.readX509PEM(threadContext, iRubyObjectArr[0]));
            try {
                PublicKey generatePublicKey = this.request.generatePublicKey();
                String algorithm = generatePublicKey.getAlgorithm();
                RubyString newString = RubyString.newString(ruby, generatePublicKey.getEncoded());
                if ("RSA".equalsIgnoreCase(algorithm)) {
                    this.public_key = newPKeyImplInstance(threadContext, "RSA", newString);
                } else {
                    if (!ASN1Registry.SN_dsa.equalsIgnoreCase(algorithm)) {
                        throw ruby.newNotImplementedError("public key algorithm: " + algorithm);
                    }
                    this.public_key = newPKeyImplInstance(threadContext, ASN1Registry.SN_dsa, newString);
                }
                this.subject = newName(threadContext, this.request.getSubject());
                Attribute[] attributes = this.request.getAttributes();
                if (attributes != null) {
                    try {
                        for (Attribute attribute : attributes) {
                            this.attributes.add(newAttribute(threadContext, attribute.getAttrType(), attribute.getAttrValues()));
                        }
                    } catch (IOException e) {
                        throw newRequestError(ruby, e);
                    }
                }
                return this;
            } catch (IOException e2) {
                throw newRequestError(ruby, e2);
            } catch (GeneralSecurityException e3) {
                throw newRequestError(ruby, e3);
            }
        } catch (RuntimeException e4) {
            OpenSSL.debugStackTrace(ruby, e4);
            throw newRequestError(ruby, "invalid certificate request data", e4);
        }
    }

    private static PKey newPKeyImplInstance(ThreadContext threadContext, String str, RubyString rubyString) {
        return PKey._PKey(threadContext.runtime).getClass(str).callMethod(threadContext, "new", rubyString);
    }

    private static X509Attribute newAttribute(ThreadContext threadContext, ASN1ObjectIdentifier aSN1ObjectIdentifier, ASN1Set aSN1Set) throws IOException {
        return X509Attribute.newAttribute(threadContext.runtime, aSN1ObjectIdentifier, aSN1Set);
    }

    private static IRubyObject newName(ThreadContext threadContext, X500Name x500Name) {
        return x500Name == null ? threadContext.nil : X509Name.newName(threadContext.runtime, x500Name);
    }

    @JRubyMethod(visibility = Visibility.PRIVATE)
    public IRubyObject initialize_copy(IRubyObject iRubyObject) {
        OpenSSL.warn(getRuntime().getCurrentContext(), "WARNING: unimplemented method called: request#initialize_copy");
        if (this == iRubyObject) {
            return this;
        }
        checkFrozen();
        return this;
    }

    private PKCS10Request getRequest() {
        if (this.request != null) {
            return this.request;
        }
        PublicKey publicKey = null;
        if (this.public_key != null && !this.public_key.isNil()) {
            publicKey = this.public_key.getPublicKey();
        }
        PKCS10Request pKCS10Request = new PKCS10Request(this.subject != null ? getX500Name(this.subject) : null, publicKey, newAttributesImpl(getRuntime().getCurrentContext()));
        this.request = pKCS10Request;
        return pKCS10Request;
    }

    private static X500Name getX500Name(IRubyObject iRubyObject) {
        if (iRubyObject.isNil()) {
            return null;
        }
        return ((X509Name) iRubyObject).getX500Name();
    }

    @JRubyMethod(name = {"to_pem", "to_s"})
    public RubyString to_pem() {
        StringWriter stringWriter = new StringWriter();
        try {
            PEMInputOutput.writeX509Request(stringWriter, getRequest());
            return getRuntime().newString(stringWriter.toString());
        } catch (IOException e) {
            throw Utils.newIOError(getRuntime(), e);
        }
    }

    @JRubyMethod
    public RubyString to_der() {
        try {
            return StringHelper.newString(getRuntime(), getRequest().toASN1Structure().getEncoded(ASN1Encoding.DER));
        } catch (IOException e) {
            throw getRuntime().newIOErrorFromException(e);
        }
    }

    @JRubyMethod
    public IRubyObject to_text(ThreadContext threadContext) {
        OpenSSL.warn(threadContext, "WARNING: unimplemented method called: X509::Request#to_text");
        return threadContext.runtime.getNil();
    }

    @JRubyMethod
    public IRubyObject version() {
        BigInteger version;
        PKCS10Request request = getRequest();
        return (request == null || (version = request.getVersion()) == null) ? this.version == null ? getRuntime().newFixnum(0) : this.version : getRuntime().newFixnum(version.intValue());
    }

    @JRubyMethod(name = {"version="})
    public IRubyObject set_version(ThreadContext threadContext, IRubyObject iRubyObject) {
        OpenSSL.warn(threadContext, "X509::Request#version= has no effect on certification request");
        this.version = iRubyObject;
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject subject() {
        if (this.subject != null) {
            return this.subject;
        }
        IRubyObject nil = getRuntime().getNil();
        this.subject = nil;
        return nil;
    }

    @JRubyMethod(name = {"subject="})
    public IRubyObject set_subject(IRubyObject iRubyObject) {
        if (iRubyObject != this.subject) {
            if (this.request != null) {
                this.request.setSubject(getX500Name(iRubyObject));
            }
            this.subject = iRubyObject;
        }
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject signature_algorithm(ThreadContext threadContext) {
        OpenSSL.warn(threadContext, "WARNING: unimplemented method called: request#signature_algorithm");
        return threadContext.runtime.getNil();
    }

    @JRubyMethod
    public IRubyObject public_key() {
        return this.public_key == null ? getRuntime().getNil() : this.public_key;
    }

    @JRubyMethod(name = {"public_key="})
    public IRubyObject set_public_key(IRubyObject iRubyObject) {
        if (iRubyObject != this.public_key) {
            if (this.request != null) {
                this.request.setPublicKey(((PKey) iRubyObject).getPublicKey());
            }
            this.public_key = (PKey) iRubyObject;
        }
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject sign(ThreadContext threadContext, IRubyObject iRubyObject, IRubyObject iRubyObject2) {
        PrivateKey privateKey = ((PKey) iRubyObject).getPrivateKey();
        Ruby ruby = threadContext.runtime;
        PKey.supportedSignatureAlgorithm(ruby, _RequestError(ruby), this.public_key, (Digest) iRubyObject2);
        String shortAlgorithm = ((Digest) iRubyObject2).getShortAlgorithm();
        try {
            this.request = null;
            getRequest().sign(privateKey, shortAlgorithm);
            return this;
        } catch (GeneralSecurityException e) {
            OpenSSL.debugStackTrace(ruby, e);
            throw newRequestError(ruby, e);
        }
    }

    private List<Attribute> newAttributesImpl(ThreadContext threadContext) {
        ArrayList arrayList = new ArrayList(this.attributes.size());
        Iterator<X509Attribute> it = this.attributes.iterator();
        while (it.hasNext()) {
            arrayList.add(newAttributeImpl(threadContext, it.next()));
        }
        return arrayList;
    }

    private Attribute newAttributeImpl(ThreadContext threadContext, X509Attribute x509Attribute) {
        return Attribute.getInstance(x509Attribute.toASN1(threadContext));
    }

    @JRubyMethod
    public IRubyObject verify(ThreadContext threadContext, IRubyObject iRubyObject) {
        Ruby ruby = threadContext.runtime;
        try {
            return ruby.newBoolean(getRequest().verify(iRubyObject.callMethod(threadContext, "public_key").getPublicKey()));
        } catch (InvalidKeyException e) {
            OpenSSL.debug(ruby, "X509::Request.verify invalid key", e);
            throw newRequestError(ruby, "invalid key supplied", e);
        }
    }

    @JRubyMethod
    public IRubyObject attributes() {
        return getRuntime().newArray(this.attributes);
    }

    @JRubyMethod(name = {"attributes="})
    public IRubyObject set_attributes(ThreadContext threadContext, IRubyObject iRubyObject) {
        this.attributes.clear();
        RubyArray rubyArray = (RubyArray) iRubyObject;
        for (int i = 0; i < rubyArray.size(); i++) {
            this.attributes.add((X509Attribute) rubyArray.entry(i));
        }
        if (this.request != null) {
            this.request.setAttributes(newAttributesImpl(threadContext));
        }
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject add_attribute(ThreadContext threadContext, IRubyObject iRubyObject) {
        this.attributes.add((X509Attribute) iRubyObject);
        if (this.request != null) {
            this.request.addAttribute(newAttributeImpl(threadContext, (X509Attribute) iRubyObject));
        }
        return iRubyObject;
    }

    private static RaiseException newRequestError(Ruby ruby, Exception exc) {
        return Utils.newError(ruby, X509._X509(ruby).getClass("RequestError"), exc);
    }

    private static RaiseException newRequestError(Ruby ruby, String str) {
        return Utils.newError(ruby, X509._X509(ruby).getClass("RequestError"), str);
    }

    private static RaiseException newRequestError(Ruby ruby, String str, Exception exc) {
        return Utils.newError(ruby, X509._X509(ruby).getClass("RequestError"), str, exc);
    }
}
