package org.jruby.ext.openssl;

import java.io.IOException;
import java.io.StringWriter;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERString;
import org.jruby.Ruby;
import org.jruby.RubyArray;
import org.jruby.RubyClass;
import org.jruby.RubyModule;
import org.jruby.RubyNumeric;
import org.jruby.RubyObject;
import org.jruby.RubyString;
import org.jruby.anno.JRubyMethod;
import org.jruby.exceptions.RaiseException;
import org.jruby.ext.openssl.OpenSSLReal;
import org.jruby.ext.openssl.impl.ASN1Registry;
import org.jruby.ext.openssl.x509store.PEMInputOutput;
import org.jruby.runtime.Arity;
import org.jruby.runtime.Block;
import org.jruby.runtime.ObjectAllocator;
import org.jruby.runtime.builtin.IRubyObject;

/* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/Request.class */
public class Request extends RubyObject {
    private static final long serialVersionUID = -5551557929791764918L;
    private static ObjectAllocator REQUEST_ALLOCATOR = new ObjectAllocator() { // from class: org.jruby.ext.openssl.Request.1
        @Override // org.jruby.runtime.ObjectAllocator
        public IRubyObject allocate(Ruby ruby, RubyClass rubyClass) {
            return new Request(ruby, rubyClass);
        }
    };
    private IRubyObject version;
    private IRubyObject subject;
    private IRubyObject public_key;
    private boolean valid;
    private List<IRubyObject> attrs;
    private PKCS10CertificationRequestExt req;

    public static void createRequest(Ruby ruby, RubyModule rubyModule) {
        RubyClass defineClassUnder = rubyModule.defineClassUnder("Request", ruby.getObject(), REQUEST_ALLOCATOR);
        RubyClass rubyClass = ruby.getModule("OpenSSL").getClass("OpenSSLError");
        rubyModule.defineClassUnder("RequestError", rubyClass, rubyClass.getAllocator());
        defineClassUnder.defineAnnotatedMethods(Request.class);
    }

    public Request(Ruby ruby, RubyClass rubyClass) {
        super(ruby, rubyClass);
        this.valid = false;
        this.attrs = new ArrayList();
    }

    @JRubyMethod(name = {"initialize"}, frame = true, rest = true)
    public IRubyObject _initialize(IRubyObject[] iRubyObjectArr, Block block) {
        if (Arity.checkArgumentCount(getRuntime(), iRubyObjectArr, 0, 1) == 0) {
            return this;
        }
        this.req = new PKCS10CertificationRequestExt(OpenSSLImpl.readX509PEM(iRubyObjectArr[0]));
        this.version = getRuntime().newFixnum(this.req.getVersion());
        try {
            PublicKey publicKey = (PublicKey) OpenSSLReal.getWithBCProvider(new OpenSSLReal.Callable() { // from class: org.jruby.ext.openssl.Request.2
                @Override // org.jruby.ext.openssl.OpenSSLReal.Callable
                public Object call() throws GeneralSecurityException {
                    return Request.this.req.getPublicKey("BC");
                }
            });
            String algorithm = publicKey.getAlgorithm();
            byte[] encoded = publicKey.getEncoded();
            if ("RSA".equalsIgnoreCase(algorithm)) {
                this.public_key = Utils.newRubyInstance(getRuntime(), "OpenSSL::PKey::RSA", RubyString.newString(getRuntime(), encoded));
            } else {
                if (!ASN1Registry.SN_dsa.equalsIgnoreCase(algorithm)) {
                    throw getRuntime().newLoadError("not implemented algo for public key: " + algorithm);
                }
                this.public_key = Utils.newRubyInstance(getRuntime(), "OpenSSL::PKey::DSA", RubyString.newString(getRuntime(), encoded));
            }
            org.bouncycastle.asn1.x509.X509Name subject = this.req.getCertificationRequestInfo().getSubject();
            this.subject = Utils.newRubyInstance(getRuntime(), "OpenSSL::X509::Name");
            DERSequence dERSequence = (DERSequence) subject.toASN1Object();
            for (int i = 0; i < dERSequence.size(); i++) {
                DERSequence dERSequence2 = (DERSequence) ((DERSet) dERSequence.getObjectAt(i)).getObjectAt(0);
                DEREncodable objectAt = dERSequence2.getObjectAt(0);
                String str = null;
                if (dERSequence2.getObjectAt(1) instanceof DERString) {
                    str = ((DERString) dERSequence2.getObjectAt(1)).getString();
                }
                ((X509Name) this.subject).addEntry(objectAt, str, getRuntime().newFixnum(ASN1.idForClass(dERSequence2.getObjectAt(1).getClass())));
            }
            Enumeration objects = this.req.getCertificationRequestInfo().getAttributes().getObjects();
            while (objects.hasMoreElements()) {
                DERSequence dERSequence3 = (DERSequence) objects.nextElement();
                add_attribute(Utils.newRubyInstance(getRuntime(), "OpenSSL::X509::Attribute", new IRubyObject[]{getRuntime().newString(ASN1.getSymLookup(getRuntime()).get((DERObjectIdentifier) dERSequence3.getObjectAt(0))), ASN1.decode(getRuntime().getClassFromPath("OpenSSL::ASN1"), RubyString.newString(getRuntime(), ((DERObject) dERSequence3.getObjectAt(1)).getDEREncoded()))}));
            }
            this.valid = true;
            return this;
        } catch (GeneralSecurityException e) {
            throw newX509ReqError(getRuntime(), e.getMessage());
        }
    }

    @Override // org.jruby.RubyBasicObject
    @JRubyMethod
    public IRubyObject initialize_copy(IRubyObject iRubyObject) {
        System.err.println("WARNING: unimplemented method called: init_copy");
        if (this == iRubyObject) {
            return this;
        }
        checkFrozen();
        this.version = getRuntime().getNil();
        this.subject = getRuntime().getNil();
        this.public_key = getRuntime().getNil();
        return this;
    }

    @JRubyMethod(name = {"to_pem", "to_s"})
    public IRubyObject to_pem() {
        StringWriter stringWriter = new StringWriter();
        try {
            try {
                PEMInputOutput.writeX509Request(stringWriter, this.req);
                return getRuntime().newString(stringWriter.toString());
            } catch (IOException e) {
                throw getRuntime().newIOErrorFromException(e);
            }
        } finally {
            try {
                stringWriter.close();
            } catch (Exception e2) {
            }
        }
    }

    @JRubyMethod
    public IRubyObject to_der() {
        return RubyString.newString(getRuntime(), this.req.getDEREncoded());
    }

    @JRubyMethod
    public IRubyObject to_text() {
        System.err.println("WARNING: unimplemented method called: to_text");
        return getRuntime().getNil();
    }

    @JRubyMethod
    public IRubyObject version() {
        return this.version;
    }

    @JRubyMethod(name = {"version="})
    public IRubyObject set_version(IRubyObject iRubyObject) {
        if (iRubyObject != this.version) {
            this.valid = false;
        }
        this.version = iRubyObject;
        if (!iRubyObject.isNil() && this.req != null) {
            this.req.setVersion(RubyNumeric.fix2int(iRubyObject));
        }
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject subject() {
        return this.subject;
    }

    @JRubyMethod(name = {"subject="})
    public IRubyObject set_subject(IRubyObject iRubyObject) {
        if (iRubyObject != this.subject) {
            this.valid = false;
        }
        this.subject = iRubyObject;
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject signature_algorithm() {
        System.err.println("WARNING: unimplemented method called: signature_algorithm");
        return getRuntime().getNil();
    }

    @JRubyMethod
    public IRubyObject public_key() {
        return this.public_key;
    }

    @JRubyMethod(name = {"public_key="})
    public IRubyObject set_public_key(IRubyObject iRubyObject) {
        if (iRubyObject != this.public_key) {
            this.valid = false;
        }
        this.public_key = iRubyObject;
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject sign(final IRubyObject iRubyObject, IRubyObject iRubyObject2) {
        final String algorithm = ((PKey) this.public_key).getAlgorithm();
        final String shortAlgorithm = ((Digest) iRubyObject2).getShortAlgorithm();
        if ((ASN1Registry.SN_dsa.equalsIgnoreCase(algorithm) && "MD5".equalsIgnoreCase(shortAlgorithm)) || (("RSA".equalsIgnoreCase(algorithm) && "DSS1".equals(((Digest) iRubyObject2).name().toString())) || (ASN1Registry.SN_dsa.equalsIgnoreCase(algorithm) && "SHA1".equals(((Digest) iRubyObject2).name().toString())))) {
            throw newX509ReqError(getRuntime(), null);
        }
        final ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        Iterator<IRubyObject> it = this.attrs.iterator();
        while (it.hasNext()) {
            aSN1EncodableVector.add(((Attribute) it.next()).toASN1());
        }
        try {
            OpenSSLReal.doWithBCProvider(new OpenSSLReal.Runnable() { // from class: org.jruby.ext.openssl.Request.3
                @Override // org.jruby.ext.openssl.OpenSSLReal.Runnable
                public void run() throws GeneralSecurityException {
                    Request.this.req = new PKCS10CertificationRequestExt(shortAlgorithm + "WITH" + algorithm, ((X509Name) Request.this.subject).getRealName(), ((PKey) Request.this.public_key).getPublicKey(), new DERSet(aSN1EncodableVector), ((PKey) iRubyObject).getPrivateKey(), "BC");
                }
            });
            this.req.setVersion(RubyNumeric.fix2int(this.version));
            this.valid = true;
            return this;
        } catch (GeneralSecurityException e) {
            throw newX509ReqError(getRuntime(), e.getMessage());
        }
    }

    @JRubyMethod
    public IRubyObject verify(IRubyObject iRubyObject) {
        try {
            return (this.valid && this.req.verify(((PKey) iRubyObject.callMethod(getRuntime().getCurrentContext(), "public_key")).getPublicKey())) ? getRuntime().getTrue() : getRuntime().getFalse();
        } catch (Exception e) {
            return getRuntime().getFalse();
        }
    }

    @JRubyMethod
    public IRubyObject attributes() {
        return getRuntime().newArray(this.attrs);
    }

    @JRubyMethod(name = {"attributes="})
    public IRubyObject set_attributes(IRubyObject iRubyObject) {
        this.valid = false;
        this.attrs.clear();
        this.attrs.addAll(((RubyArray) iRubyObject).getList());
        if (this.req != null) {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            Iterator<IRubyObject> it = this.attrs.iterator();
            while (it.hasNext()) {
                aSN1EncodableVector.add(((Attribute) it.next()).toASN1());
            }
            this.req.setAttributes(new DERSet(aSN1EncodableVector));
        }
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject add_attribute(IRubyObject iRubyObject) {
        this.valid = false;
        this.attrs.add(iRubyObject);
        if (this.req != null) {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            Iterator<IRubyObject> it = this.attrs.iterator();
            while (it.hasNext()) {
                aSN1EncodableVector.add(((Attribute) it.next()).toASN1());
            }
            this.req.setAttributes(new DERSet(aSN1EncodableVector));
        }
        return getRuntime().getNil();
    }

    private static RaiseException newX509ReqError(Ruby ruby, String str) {
        return Utils.newError(ruby, "OpenSSL::X509::RequestError", str);
    }
}
