package cn.com.jit.ida.util.pki.cert;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.asn1.DEREncodableVector;
import cn.com.jit.ida.util.pki.asn1.DERGeneralizedTime;
import cn.com.jit.ida.util.pki.asn1.DERInteger;
import cn.com.jit.ida.util.pki.asn1.DERObjectIdentifier;
import cn.com.jit.ida.util.pki.asn1.DERSequence;
import cn.com.jit.ida.util.pki.asn1.DERSet;
import cn.com.jit.ida.util.pki.asn1.DERTaggedObject;
import cn.com.jit.ida.util.pki.asn1.DERUTF8String;
import cn.com.jit.ida.util.pki.asn1.x509.AttCertIssuer;
import cn.com.jit.ida.util.pki.asn1.x509.Attribute;
import cn.com.jit.ida.util.pki.asn1.x509.AttributeCertificateInfo;
import cn.com.jit.ida.util.pki.asn1.x509.ClearanceAttribute;
import cn.com.jit.ida.util.pki.asn1.x509.GeneralName;
import cn.com.jit.ida.util.pki.asn1.x509.GeneralNames;
import cn.com.jit.ida.util.pki.asn1.x509.GroupAttribute;
import cn.com.jit.ida.util.pki.asn1.x509.Holder;
import cn.com.jit.ida.util.pki.asn1.x509.RoleAttribute;
import cn.com.jit.ida.util.pki.asn1.x509.RoleSyntax;
import cn.com.jit.ida.util.pki.asn1.x509.V2X509AttCertGenerator;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.Session;
import java.io.File;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Random;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMResult;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamSource;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.w3c.dom.Text;

/* loaded from: input_file:WEB-INF/lib/jit-pkitool-3.0.42.jar:cn/com/jit/ida/util/pki/cert/X509AttCertGenerator.class */
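/**
 * Builder-style front end for issuing X.509 attribute certificates on top of
 * {@link V2X509AttCertGenerator}.
 *
 * <p>Two usage paths are visible in this class: populating a single certificate through the
 * {@code setXxx}/{@code addAttribute} methods, or batch-issuing from an XML request through
 * {@link #generateX509AttCerts(JKey, Session, Document)}.
 *
 * <p>NOTE(review): the batch path mutates generator state per certificate
 * ({@code setAttCertInfo}, {@code setSignatureAlg}), so an instance is presumably not safe to
 * share between threads — confirm against the base class.
 */
public class X509AttCertGenerator extends V2X509AttCertGenerator {
    /**
     * Source of serial-number entropy. A CSPRNG is used because {@code java.util.Random} is a
     * 48-bit-seeded linear congruential generator whose future outputs can be derived from a few
     * observed ones; serial numbers embedded in signed certificates should not be predictable.
     */
    private static final SecureRandom SERIAL_RANDOM = new SecureRandom();

    /**
     * Stylesheet applied to incoming requests. The path is relative, so it is resolved against
     * the JVM's working directory at call time.
     */
    private static final String TRANSFORM_STYLESHEET = "Template/TransRequest.xsl";

    /**
     * Sets the certificate holder from its string form.
     *
     * @param str holder value handed to {@code Holder.getInstance}; must not be {@code null}
     * @throws PKIException with code {@code HOLDER_NULL} when {@code str} is {@code null}
     */
    public void setHolder(String str) throws PKIException {
        if (str == null) {
            throw new PKIException(PKIException.HOLDER_NULL, PKIException.HOLDER_NULL_DES);
        }
        getV2AttCert().setHolder(Holder.getInstance(str));
    }

    /**
     * Sets the certificate issuer from its string form.
     *
     * @param str issuer value handed to {@code AttCertIssuer.getInstance}; must not be {@code null}
     * @throws PKIException with code {@code ISSUER_NULL} when {@code str} is {@code null}
     */
    public void setIssuer(String str) throws PKIException {
        if (str == null) {
            throw new PKIException(PKIException.ISSUER_NULL, PKIException.ISSUER_NULL_DES);
        }
        getV2AttCert().setIssuer(AttCertIssuer.getInstance(str));
    }

    /**
     * Sets the serial number from a hexadecimal string.
     *
     * <p>The value is parsed with {@code new BigInteger(str, 16)}; a leading {@code '-'} is
     * accepted by that parser, so this method does not by itself guarantee a positive serial.
     *
     * @param str serial number in base 16; must not be {@code null}
     * @throws PKIException with code {@code SN_NULL} when {@code str} is {@code null}
     * @throws NumberFormatException when {@code str} is not a valid base-16 integer
     */
    public void setSerialNumber(String str) throws PKIException {
        if (str == null) {
            throw new PKIException(PKIException.SN_NULL, PKIException.SN_NULL_DES);
        }
        getV2AttCert().setSerialNumber(new DERInteger(new BigInteger(str, 16)));
    }

    /**
     * Sets the serial number from an integer value. No range or sign check is applied here.
     *
     * @param bigInteger serial number; must not be {@code null}
     * @throws PKIException with code {@code SN_NULL} when {@code bigInteger} is {@code null}
     */
    public void setSerialNumber(BigInteger bigInteger) throws PKIException {
        if (bigInteger == null) {
            throw new PKIException(PKIException.SN_NULL, PKIException.SN_NULL_DES);
        }
        getV2AttCert().setSerialNumber(new DERInteger(bigInteger));
    }

    /**
     * Sets the start of the validity period.
     *
     * <p>This setter does not compare the value with the end date; ordering of the validity
     * window is not enforced in this class.
     *
     * @param date start of validity; must not be {@code null}
     * @throws PKIException with code {@code NOT_BEFORE_NULL} when {@code date} is {@code null}
     */
    public void setNotbefore(Date date) throws PKIException {
        if (date == null) {
            // NOTE(review): the description text speaks of the *expiration* time although this
            // is the not-before setter; left unchanged in case callers match on the message.
            throw new PKIException(PKIException.NOT_BEFORE_NULL, "The certificate expiration time can not be empty");
        }
        getV2AttCert().setStartDate(new DERGeneralizedTime(date));
    }

    /**
     * Sets the end of the validity period.
     *
     * <p>This setter does not compare the value with the start date; ordering of the validity
     * window is not enforced in this class.
     *
     * @param date end of validity; must not be {@code null}
     * @throws PKIException with code {@code NOT_AFTER_NULL} when {@code date} is {@code null}
     */
    public void setNotafter(Date date) throws PKIException {
        if (date == null) {
            throw new PKIException(PKIException.NOT_AFTER_NULL, "The certificate expiration time can not be empty");
        }
        getV2AttCert().setEndDate(new DERGeneralizedTime(date));
    }

    /**
     * Adds a role attribute (OID {@code Attribute.ROLE_ATTRIBUTE_OID}) whose single value is a
     * {@link RoleSyntax} built from the given authority and role name.
     *
     * <p>Both strings are encoded as UTF8String values without further validation, so whatever
     * the caller passes ends up inside the signed certificate.
     *
     * @param str  role authority; must not be {@code null}
     * @param str2 role name; must not be {@code null}
     * @throws PKIException with code {@code ROLE_AUTHORITY_NULL} or {@code ROLE_NAME_NULL} when
     *         the corresponding argument is {@code null}
     */
    public void setRoleAttribute(String str, String str2) throws PKIException {
        if (str == null) {
            throw new PKIException(PKIException.ROLE_AUTHORITY_NULL, PKIException.ROLE_AUTHORITY_NULL_DES);
        }
        if (str2 == null) {
            throw new PKIException(PKIException.ROLE_NAME_NULL, PKIException.ROLE_NAME_NULL_DES);
        }
        DEREncodableVector values = new DEREncodableVector();
        values.add(new RoleSyntax(createAuthority(str), createRoleName(str2)));
        addAttribute(new Attribute(new DERObjectIdentifier(Attribute.ROLE_ATTRIBUTE_OID), new DERSet(values)));
    }

    /**
     * Creates an empty role attribute.
     *
     * @return a new {@link RoleAttribute}
     */
    public RoleAttribute createRoleAttribute() {
        return new RoleAttribute();
    }

    /**
     * Creates an empty group attribute.
     *
     * @return a new {@link GroupAttribute}
     */
    public GroupAttribute createGroupAttribute() {
        return new GroupAttribute();
    }

    /**
     * Creates an empty clearance attribute.
     *
     * @return a new {@link ClearanceAttribute}
     */
    public ClearanceAttribute createClearanceAttribute() {
        return new ClearanceAttribute();
    }

    /**
     * Appends an attribute to the certificate under construction.
     *
     * @param attribute attribute to add; passed through to the underlying V2 certificate unchecked
     */
    @Override
    public void addAttribute(Attribute attribute) {
        getV2AttCert().addAttribute(attribute);
    }

    /**
     * Issues one attribute certificate per {@code AttributeCertificateInfo} element found in the
     * request after it has been run through the request stylesheet.
     *
     * <p>For each element a fresh random serial number is inserted, the signature mechanism is
     * derived from the signature OID carried in the element, and the info is signed with
     * {@code jKey}. The signature algorithm is therefore chosen by the request content; this
     * method applies no allow-list of its own, so callers that accept requests from less-trusted
     * parties should check the algorithm before or after calling it.
     *
     * @param jKey     signing key
     * @param session  cipher session used for signing
     * @param document request document
     * @return the constructed certificates, in document order; empty when no matching element exists
     * @throws PKIException when the stylesheet cannot be loaded or the transformation fails;
     *         presumably also when signing fails (the signing calls live in the base class)
     */
    public List generateX509AttCerts(JKey jKey, Session session, Document document) throws PKIException {
        List<Object> certificates = new ArrayList<>();
        Document transformed = translate(document);
        NodeList infoNodes = transformed.getDocumentElement().getElementsByTagName("AttributeCertificateInfo");
        for (int i = 0; i < infoNodes.getLength(); i++) {
            Element infoElement = (Element) infoNodes.item(i);
            addSerialNumber(infoElement, getSerialNumber(), transformed);
            setAttCertInfo(new AttributeCertificateInfo(infoElement));
            String signatureOid = getAttCertInfo().getSignature().getObjectId().getId();
            setSignatureAlg(V2X509AttCertGenerator.generateMechanisNameByOID(signatureOid));
            signCertInfo(jKey, session);
            certificates.add(constructAttCertificate());
        }
        return certificates;
    }

    /**
     * Produces a random serial number as upper-case hexadecimal text.
     *
     * <p>The format is unchanged from the previous implementation: two 64-bit values rendered
     * with {@code Long.toHexString} and concatenated, which yields at most 32 hex digits (leading
     * zeros of each half are not padded). The values are now drawn from a {@link SecureRandom}
     * so that issued serial numbers cannot be predicted from earlier ones.
     *
     * @return the serial number text
     */
    private String getSerialNumber() {
        String high = Long.toHexString(SERIAL_RANDOM.nextLong());
        String low = Long.toHexString(SERIAL_RANDOM.nextLong());
        return (high + low).toUpperCase();
    }

    /**
     * Appends the serial number as a text node to the first {@code serialNumber} descendant of
     * the given element.
     *
     * <p>Assumes the transformed request always contains such an element: {@code item(0)} yields
     * {@code null} when it does not, and the append then fails with a
     * {@link NullPointerException}.
     *
     * @param element  the {@code AttributeCertificateInfo} element being completed
     * @param str      serial number text
     * @param document owner document used to create the text node
     */
    private void addSerialNumber(Element element, String str, Document document) {
        Element serialElement = (Element) element.getElementsByTagName("serialNumber").item(0);
        Text serialText = document.createTextNode(str);
        serialElement.appendChild(serialText);
    }

    /**
     * Applies the request stylesheet to the incoming document and returns the resulting DOM.
     *
     * <p>NOTE(review): the stylesheet is loaded from a path relative to the working directory and
     * the {@link TransformerFactory} is used with its default configuration. The stylesheet
     * decides what ends up in the to-be-signed structure, so the file should be writable only by
     * the service owner and the working directory should be fixed at deployment. Enabling
     * {@code XMLConstants.FEATURE_SECURE_PROCESSING} on the factory is worth evaluating; it is
     * not done here because the stylesheet is not visible and may depend on extensions.
     *
     * @param document request document
     * @return the transformed document
     * @throws PKIException when the stylesheet cannot be compiled or the transformation fails
     */
    private Document translate(Document document) throws PKIException {
        Transformer transformer;
        try {
            StreamSource stylesheet = new StreamSource(new File(TRANSFORM_STYLESHEET));
            transformer = TransformerFactory.newInstance().newTransformer(stylesheet);
        } catch (TransformerConfigurationException e) {
            throw new PKIException("An error occurred while reading the conversion file xsl", e);
        }
        transformer.setOutputProperty(OutputKeys.ENCODING, "gb2312");
        transformer.setOutputProperty(OutputKeys.INDENT, "yes");

        DOMResult result = new DOMResult();
        try {
            transformer.transform(new DOMSource(document), result);
        } catch (TransformerException e) {
            throw new PKIException("An error occurred while converting an XML document", e);
        }
        return (Document) result.getNode();
    }

    /**
     * Builds the role-authority {@link GeneralNames}: a sequence holding one {@code [0]}-tagged
     * sequence of the OID {@code RoleSyntax.JIT_ROLE_OTHER_NAME_ID} followed by the
     * {@code [0]}-tagged UTF8String value.
     *
     * <p>The boolean passed to {@code DERTaggedObject} is presumably the explicit-tagging flag —
     * confirm against that class.
     *
     * @param str authority text
     * @return the encoded authority
     */
    private GeneralNames createAuthority(String str) {
        DEREncodableVector otherName = new DEREncodableVector();
        otherName.add(new DERObjectIdentifier(RoleSyntax.JIT_ROLE_OTHER_NAME_ID));
        otherName.add(new DERTaggedObject(true, 0, new DERUTF8String(str)));

        DEREncodableVector names = new DEREncodableVector();
        names.add(new DERTaggedObject(true, 0, new DERSequence(otherName)));
        return GeneralNames.getInstance(new DERSequence(names));
    }

    /**
     * Builds the role-name {@link GeneralName}: a {@code [0]}-tagged wrapper around a
     * {@link GeneralNames} created from a sequence that nests the sequence of the OID
     * {@code RoleSyntax.JIT_ROLE_OTHER_NAME_ID} and the {@code [0]}-tagged UTF8String value.
     *
     * <p>Unlike {@link #createAuthority(String)}, the inner tag uses the two-argument
     * {@code DERTaggedObject} constructor; the structure is kept exactly as before because
     * relying parties parse this encoding.
     *
     * @param str role name text
     * @return the encoded role name
     */
    private GeneralName createRoleName(String str) {
        DEREncodableVector otherName = new DEREncodableVector();
        otherName.add(new DERObjectIdentifier(RoleSyntax.JIT_ROLE_OTHER_NAME_ID));
        otherName.add(new DERTaggedObject(0, new DERUTF8String(str)));

        DERSequence wrapped = new DERSequence(new DERSequence(otherName));
        return GeneralName.getInstance(new DERTaggedObject(true, 0, GeneralNames.getInstance(wrapped)));
    }
}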
