package com.venafi.vcert.sdk.certificate;

import com.google.common.annotations.VisibleForTesting;
import com.venafi.vcert.sdk.SignatureAlgorithm;
import com.venafi.vcert.sdk.VCertException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.StringReader;
import java.net.InetAddress;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECField;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.time.Duration;
import java.time.temporal.ChronoUnit;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import javax.security.auth.x500.X500Principal;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.ExtensionsGenerator;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.DefaultAlgorithmNameFinder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.bouncycastle.util.io.pem.PemReader;

/* loaded from: input_file:WEB-INF/lib/vcert-java-0.9.3.jar:com/venafi/vcert/sdk/certificate/CertificateRequest.class */
public class CertificateRequest {
    private PKIXName subject;
    private String friendlyName;
    private KeyType keyType;
    private int keyLength;
    private EllipticCurve keyCurve;
    private byte[] csr;
    private KeyPair keyPair;
    private String pickupId;
    private String certId;
    private ChainOption chainOption;
    private String keyPassword;
    private boolean fetchPrivateKey;
    private String thumbprint;
    private Duration timeout;
    private int validityHours;
    private String issuerHint;
    private Collection<CustomField> customFields;
    private DataFormat dataFormat;
    private SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.UnknownSignatureAlgorithm;
    private CsrOriginOption csrOrigin = CsrOriginOption.defaultCsrOrigin();
    private Collection<String> dnsNames = Collections.emptyList();
    private Collection<String> emailAddresses = Collections.emptyList();
    private Collection<InetAddress> ipAddresses = Collections.emptyList();
    private Collection<AttributeTypeAndValueSET> attributes = Collections.emptyList();

    /* loaded from: input_file:WEB-INF/lib/vcert-java-0.9.3.jar:com/venafi/vcert/sdk/certificate/CertificateRequest$AttributeTypeAndValue.class */
    public static class AttributeTypeAndValue {
        private Collection<Integer> type;
        private Object value;

        @Generated
        public AttributeTypeAndValue() {
        }

        @Generated
        public Collection<Integer> type() {
            return this.type;
        }

        @Generated
        public Object value() {
            return this.value;
        }

        @Generated
        public AttributeTypeAndValue type(Collection<Integer> collection) {
            this.type = collection;
            return this;
        }

        @Generated
        public AttributeTypeAndValue value(Object obj) {
            this.value = obj;
            return this;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof AttributeTypeAndValue)) {
                return false;
            }
            AttributeTypeAndValue attributeTypeAndValue = (AttributeTypeAndValue) obj;
            if (!attributeTypeAndValue.canEqual(this)) {
                return false;
            }
            Collection<Integer> type = type();
            Collection<Integer> type2 = attributeTypeAndValue.type();
            if (type == null) {
                if (type2 != null) {
                    return false;
                }
            } else if (!type.equals(type2)) {
                return false;
            }
            Object value = value();
            Object value2 = attributeTypeAndValue.value();
            return value == null ? value2 == null : value.equals(value2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof AttributeTypeAndValue;
        }

        @Generated
        public int hashCode() {
            Collection<Integer> type = type();
            int hashCode = (1 * 59) + (type == null ? 43 : type.hashCode());
            Object value = value();
            return (hashCode * 59) + (value == null ? 43 : value.hashCode());
        }

        @Generated
        public String toString() {
            return "CertificateRequest.AttributeTypeAndValue(type=" + type() + ", value=" + value() + ")";
        }
    }

    /* loaded from: input_file:WEB-INF/lib/vcert-java-0.9.3.jar:com/venafi/vcert/sdk/certificate/CertificateRequest$AttributeTypeAndValueSET.class */
    public static class AttributeTypeAndValueSET {
        private Collection<Integer> type;
        private Collection<Collection<AttributeTypeAndValue>> value;

        @Generated
        public AttributeTypeAndValueSET() {
        }

        @Generated
        public Collection<Integer> type() {
            return this.type;
        }

        @Generated
        public Collection<Collection<AttributeTypeAndValue>> value() {
            return this.value;
        }

        @Generated
        public AttributeTypeAndValueSET type(Collection<Integer> collection) {
            this.type = collection;
            return this;
        }

        @Generated
        public AttributeTypeAndValueSET value(Collection<Collection<AttributeTypeAndValue>> collection) {
            this.value = collection;
            return this;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof AttributeTypeAndValueSET)) {
                return false;
            }
            AttributeTypeAndValueSET attributeTypeAndValueSET = (AttributeTypeAndValueSET) obj;
            if (!attributeTypeAndValueSET.canEqual(this)) {
                return false;
            }
            Collection<Integer> type = type();
            Collection<Integer> type2 = attributeTypeAndValueSET.type();
            if (type == null) {
                if (type2 != null) {
                    return false;
                }
            } else if (!type.equals(type2)) {
                return false;
            }
            Collection<Collection<AttributeTypeAndValue>> value = value();
            Collection<Collection<AttributeTypeAndValue>> value2 = attributeTypeAndValueSET.value();
            return value == null ? value2 == null : value.equals(value2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof AttributeTypeAndValueSET;
        }

        @Generated
        public int hashCode() {
            Collection<Integer> type = type();
            int hashCode = (1 * 59) + (type == null ? 43 : type.hashCode());
            Collection<Collection<AttributeTypeAndValue>> value = value();
            return (hashCode * 59) + (value == null ? 43 : value.hashCode());
        }

        @Generated
        public String toString() {
            return "CertificateRequest.AttributeTypeAndValueSET(type=" + type() + ", value=" + value() + ")";
        }
    }

    /* loaded from: input_file:WEB-INF/lib/vcert-java-0.9.3.jar:com/venafi/vcert/sdk/certificate/CertificateRequest$PKIXName.class */
    public static class PKIXName {
        private String commonName;
        private String serialNumber;
        private List<String> country;
        private List<String> organization;
        private List<String> organizationalUnit;
        private List<String> locality;
        private List<String> province;
        private List<String> streetAddress;
        private List<String> postalCode;
        private Collection<AttributeTypeAndValue> names;
        private Collection<AttributeTypeAndValue> extraNames;

        private static void addAll(X500NameBuilder x500NameBuilder, ASN1ObjectIdentifier aSN1ObjectIdentifier, Collection<String> collection) {
            if (collection != null) {
                collection.stream().filter((v0) -> {
                    return Objects.nonNull(v0);
                }).forEach(str -> {
                    x500NameBuilder.addRDN(aSN1ObjectIdentifier, str);
                });
            }
        }

        public X500Principal toX500Principal() throws VCertException {
            if (StringUtils.isBlank(this.commonName)) {
                throw new VCertException("common name must not be null or emtpy");
            }
            X500NameBuilder x500NameBuilder = new X500NameBuilder();
            x500NameBuilder.addRDN(BCStyle.CN, this.commonName);
            addAll(x500NameBuilder, BCStyle.C, this.country);
            addAll(x500NameBuilder, BCStyle.O, this.organization);
            addAll(x500NameBuilder, BCStyle.OU, this.organizationalUnit);
            addAll(x500NameBuilder, BCStyle.L, this.locality);
            addAll(x500NameBuilder, BCStyle.ST, this.province);
            addAll(x500NameBuilder, BCStyle.STREET, this.streetAddress);
            addAll(x500NameBuilder, BCStyle.POSTAL_CODE, this.postalCode);
            return new X500Principal(x500NameBuilder.build().toString());
        }

        @Generated
        public PKIXName() {
        }

        @Generated
        public String commonName() {
            return this.commonName;
        }

        @Generated
        public String serialNumber() {
            return this.serialNumber;
        }

        @Generated
        public List<String> country() {
            return this.country;
        }

        @Generated
        public List<String> organization() {
            return this.organization;
        }

        @Generated
        public List<String> organizationalUnit() {
            return this.organizationalUnit;
        }

        @Generated
        public List<String> locality() {
            return this.locality;
        }

        @Generated
        public List<String> province() {
            return this.province;
        }

        @Generated
        public List<String> streetAddress() {
            return this.streetAddress;
        }

        @Generated
        public List<String> postalCode() {
            return this.postalCode;
        }

        @Generated
        public Collection<AttributeTypeAndValue> names() {
            return this.names;
        }

        @Generated
        public Collection<AttributeTypeAndValue> extraNames() {
            return this.extraNames;
        }

        @Generated
        public PKIXName commonName(String str) {
            this.commonName = str;
            return this;
        }

        @Generated
        public PKIXName serialNumber(String str) {
            this.serialNumber = str;
            return this;
        }

        @Generated
        public PKIXName country(List<String> list) {
            this.country = list;
            return this;
        }

        @Generated
        public PKIXName organization(List<String> list) {
            this.organization = list;
            return this;
        }

        @Generated
        public PKIXName organizationalUnit(List<String> list) {
            this.organizationalUnit = list;
            return this;
        }

        @Generated
        public PKIXName locality(List<String> list) {
            this.locality = list;
            return this;
        }

        @Generated
        public PKIXName province(List<String> list) {
            this.province = list;
            return this;
        }

        @Generated
        public PKIXName streetAddress(List<String> list) {
            this.streetAddress = list;
            return this;
        }

        @Generated
        public PKIXName postalCode(List<String> list) {
            this.postalCode = list;
            return this;
        }

        @Generated
        public PKIXName names(Collection<AttributeTypeAndValue> collection) {
            this.names = collection;
            return this;
        }

        @Generated
        public PKIXName extraNames(Collection<AttributeTypeAndValue> collection) {
            this.extraNames = collection;
            return this;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof PKIXName)) {
                return false;
            }
            PKIXName pKIXName = (PKIXName) obj;
            if (!pKIXName.canEqual(this)) {
                return false;
            }
            String commonName = commonName();
            String commonName2 = pKIXName.commonName();
            if (commonName == null) {
                if (commonName2 != null) {
                    return false;
                }
            } else if (!commonName.equals(commonName2)) {
                return false;
            }
            String serialNumber = serialNumber();
            String serialNumber2 = pKIXName.serialNumber();
            if (serialNumber == null) {
                if (serialNumber2 != null) {
                    return false;
                }
            } else if (!serialNumber.equals(serialNumber2)) {
                return false;
            }
            List<String> country = country();
            List<String> country2 = pKIXName.country();
            if (country == null) {
                if (country2 != null) {
                    return false;
                }
            } else if (!country.equals(country2)) {
                return false;
            }
            List<String> organization = organization();
            List<String> organization2 = pKIXName.organization();
            if (organization == null) {
                if (organization2 != null) {
                    return false;
                }
            } else if (!organization.equals(organization2)) {
                return false;
            }
            List<String> organizationalUnit = organizationalUnit();
            List<String> organizationalUnit2 = pKIXName.organizationalUnit();
            if (organizationalUnit == null) {
                if (organizationalUnit2 != null) {
                    return false;
                }
            } else if (!organizationalUnit.equals(organizationalUnit2)) {
                return false;
            }
            List<String> locality = locality();
            List<String> locality2 = pKIXName.locality();
            if (locality == null) {
                if (locality2 != null) {
                    return false;
                }
            } else if (!locality.equals(locality2)) {
                return false;
            }
            List<String> province = province();
            List<String> province2 = pKIXName.province();
            if (province == null) {
                if (province2 != null) {
                    return false;
                }
            } else if (!province.equals(province2)) {
                return false;
            }
            List<String> streetAddress = streetAddress();
            List<String> streetAddress2 = pKIXName.streetAddress();
            if (streetAddress == null) {
                if (streetAddress2 != null) {
                    return false;
                }
            } else if (!streetAddress.equals(streetAddress2)) {
                return false;
            }
            List<String> postalCode = postalCode();
            List<String> postalCode2 = pKIXName.postalCode();
            if (postalCode == null) {
                if (postalCode2 != null) {
                    return false;
                }
            } else if (!postalCode.equals(postalCode2)) {
                return false;
            }
            Collection<AttributeTypeAndValue> names = names();
            Collection<AttributeTypeAndValue> names2 = pKIXName.names();
            if (names == null) {
                if (names2 != null) {
                    return false;
                }
            } else if (!names.equals(names2)) {
                return false;
            }
            Collection<AttributeTypeAndValue> extraNames = extraNames();
            Collection<AttributeTypeAndValue> extraNames2 = pKIXName.extraNames();
            return extraNames == null ? extraNames2 == null : extraNames.equals(extraNames2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof PKIXName;
        }

        @Generated
        public int hashCode() {
            String commonName = commonName();
            int hashCode = (1 * 59) + (commonName == null ? 43 : commonName.hashCode());
            String serialNumber = serialNumber();
            int hashCode2 = (hashCode * 59) + (serialNumber == null ? 43 : serialNumber.hashCode());
            List<String> country = country();
            int hashCode3 = (hashCode2 * 59) + (country == null ? 43 : country.hashCode());
            List<String> organization = organization();
            int hashCode4 = (hashCode3 * 59) + (organization == null ? 43 : organization.hashCode());
            List<String> organizationalUnit = organizationalUnit();
            int hashCode5 = (hashCode4 * 59) + (organizationalUnit == null ? 43 : organizationalUnit.hashCode());
            List<String> locality = locality();
            int hashCode6 = (hashCode5 * 59) + (locality == null ? 43 : locality.hashCode());
            List<String> province = province();
            int hashCode7 = (hashCode6 * 59) + (province == null ? 43 : province.hashCode());
            List<String> streetAddress = streetAddress();
            int hashCode8 = (hashCode7 * 59) + (streetAddress == null ? 43 : streetAddress.hashCode());
            List<String> postalCode = postalCode();
            int hashCode9 = (hashCode8 * 59) + (postalCode == null ? 43 : postalCode.hashCode());
            Collection<AttributeTypeAndValue> names = names();
            int hashCode10 = (hashCode9 * 59) + (names == null ? 43 : names.hashCode());
            Collection<AttributeTypeAndValue> extraNames = extraNames();
            return (hashCode10 * 59) + (extraNames == null ? 43 : extraNames.hashCode());
        }

        @Generated
        public String toString() {
            return "CertificateRequest.PKIXName(commonName=" + commonName() + ", serialNumber=" + serialNumber() + ", country=" + country() + ", organization=" + organization() + ", organizationalUnit=" + organizationalUnit() + ", locality=" + locality() + ", province=" + province() + ", streetAddress=" + streetAddress() + ", postalCode=" + postalCode() + ", names=" + names() + ", extraNames=" + extraNames() + ")";
        }
    }

    public Duration timeout() {
        return !Objects.isNull(this.timeout) ? this.timeout : Duration.of(5L, ChronoUnit.MINUTES);
    }

    public ChainOption chainOption() {
        return !Objects.isNull(this.chainOption) ? this.chainOption : ChainOption.ChainOptionRootFirst;
    }

    public PrivateKey privateKey() {
        if (Objects.isNull(this.keyPair)) {
            return null;
        }
        return this.keyPair.getPrivate();
    }

    public DataFormat dataFormat() {
        return !Objects.isNull(this.dataFormat) ? this.dataFormat : DataFormat.PKCS8;
    }

    public void generatePrivateKey() throws VCertException {
        if (this.keyPair != null) {
            return;
        }
        switch (this.keyType) {
            case ECDSA:
                this.keyPair = generateECDSAKeyPair(this.keyCurve);
                return;
            case RSA:
                if (this.keyLength == 0) {
                    this.keyLength = KeyType.defaultRsaLength().intValue();
                }
                this.keyPair = generateRSAKeyPair(Integer.valueOf(this.keyLength));
                return;
            default:
                throw new VCertException(String.format("Unable to generate certificate request, key type %s is not supported", this.keyType.name()));
        }
    }

    public void generateCSR() throws VCertException {
        try {
            ArrayList arrayList = new ArrayList();
            JcaPKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(this.subject.toX500Principal(), this.keyPair.getPublic());
            ContentSigner build = new JcaContentSignerBuilder(this.signatureAlgorithm.standardName()).build(this.keyPair.getPrivate());
            Iterator<String> it = this.dnsNames.iterator();
            while (it.hasNext()) {
                arrayList.add(new GeneralName(2, it.next()));
            }
            Iterator<InetAddress> it2 = this.ipAddresses.iterator();
            while (it2.hasNext()) {
                arrayList.add(new GeneralName(7, new DEROctetString(it2.next().getAddress())));
            }
            Iterator<String> it3 = this.emailAddresses.iterator();
            while (it3.hasNext()) {
                arrayList.add(new GeneralName(1, it3.next()));
            }
            if (!arrayList.isEmpty()) {
                GeneralNames generalNames = new GeneralNames((GeneralName[]) arrayList.toArray(new GeneralName[0]));
                ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
                extensionsGenerator.addExtension(Extension.subjectAlternativeName, false, (ASN1Encodable) generalNames);
                jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());
            }
            PKCS10CertificationRequest build2 = jcaPKCS10CertificationRequestBuilder.build(build);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write("-----BEGIN CERTIFICATE REQUEST-----".getBytes());
            byteArrayOutputStream.write(System.lineSeparator().getBytes());
            byteArrayOutputStream.write(Base64.getMimeEncoder().encode(build2.getEncoded()));
            byteArrayOutputStream.write(System.lineSeparator().getBytes());
            byteArrayOutputStream.write("-----END CERTIFICATE REQUEST-----".getBytes());
            this.csr = byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new VCertException("Unable to generate CSR", e);
        }
    }

    @VisibleForTesting
    KeyPair generateECDSAKeyPair(EllipticCurve ellipticCurve) throws VCertException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
            keyPairGenerator.initialize(new ECGenParameterSpec(ellipticCurve.bcName()));
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException e) {
            throw new VCertException(String.format("No algorithmn provider for curve %s", ellipticCurve.bcName()), e);
        } catch (NoSuchAlgorithmException | NoSuchProviderException e2) {
            throw new VCertException("No security provider found for KeyFactory.EC", e2);
        }
    }

    @VisibleForTesting
    KeyPair generateRSAKeyPair(Integer num) throws VCertException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
            keyPairGenerator.initialize(num.intValue());
            return keyPairGenerator.generateKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new VCertException("No security provider found for KeyFactory.RSA", e);
        } catch (NoSuchProviderException e2) {
            throw new VCertException(String.format("No algorithm provider for RSA with key length %s", Integer.toString(num.intValue())), e2);
        }
    }

    public boolean checkCertificate(Certificate certificate) throws VCertException {
        PublicKeyAlgorithm X509Type = KeyType.from(certificate.getPublicKey().getAlgorithm()).X509Type();
        if (this.keyPair != null && this.keyPair.getPublic() != null && this.keyPair.getPrivate() != null) {
            this.keyType = this.keyType == null ? KeyType.defaultKeyType() : this.keyType;
            if (this.keyType.X509Type() != X509Type) {
                throw new VCertException(String.format("unmatched key type: %s, %s", this.keyType.X509Type(), X509Type.name()));
            }
            switch (X509Type) {
                case RSA:
                    if (((RSAPublicKey) certificate.getPublicKey()).getModulus().compareTo(((RSAPublicKey) this.keyPair.getPublic()).getModulus()) != 0) {
                        throw new VCertException("unmatched key modules");
                    }
                    return true;
                case ECDSA:
                    ECPublicKey eCPublicKey = (ECPublicKey) certificate.getPublicKey();
                    ECPublicKey eCPublicKey2 = (ECPublicKey) this.keyPair.getPublic();
                    ECParameterSpec params = eCPublicKey.getParams();
                    ECParameterSpec params2 = eCPublicKey2.getParams();
                    java.security.spec.EllipticCurve curve = params.getCurve();
                    java.security.spec.EllipticCurve curve2 = params2.getCurve();
                    ECField field = curve.getField();
                    ECField field2 = curve2.getField();
                    if (params == params2) {
                        return true;
                    }
                    if (params.getCofactor() == params2.getCofactor() && params.getOrder().equals(params2.getOrder()) && params.getGenerator().equals(params2.getGenerator())) {
                        if (curve == curve2) {
                            return true;
                        }
                        if (curve.getA().equals(curve2.getA()) && curve.getB().equals(curve2.getB()) && field.getFieldSize() == field2.getFieldSize()) {
                            return true;
                        }
                    }
                    throw new VCertException("unmatched parameters for elliptic keys");
                default:
                    throw new VCertException(String.format("unknown key algorithm %s", X509Type.name()));
            }
        }
        if (!Objects.nonNull(this.csr) || this.csr.length == 0) {
            return true;
        }
        try {
            PemReader pemReader = new PemReader(new StringReader(new String(this.csr)));
            PKCS10CertificationRequest pKCS10CertificationRequest = new PKCS10CertificationRequest(pemReader.readPemObject().getContent());
            pemReader.close();
            DefaultAlgorithmNameFinder defaultAlgorithmNameFinder = new DefaultAlgorithmNameFinder();
            JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
            PublicKeyAlgorithm valueOf = PublicKeyAlgorithm.valueOf(String.valueOf(defaultAlgorithmNameFinder.getAlgorithmName(pKCS10CertificationRequest.getSubjectPublicKeyInfo().getAlgorithm())));
            if (X509Type != valueOf) {
                throw new VCertException(String.format("unmatched key type: %s, %s", X509Type, valueOf));
            }
            switch (valueOf) {
                case RSA:
                    if (((RSAPublicKey) certificate.getPublicKey()).getModulus().compareTo(((RSAPublicKey) jcaPEMKeyConverter.getPublicKey(pKCS10CertificationRequest.getSubjectPublicKeyInfo())).getModulus()) != 0) {
                        throw new VCertException("unmatched key modules");
                    }
                    break;
                case ECDSA:
                    ECPublicKey eCPublicKey3 = (ECPublicKey) certificate.getPublicKey();
                    ECPublicKey eCPublicKey4 = (ECPublicKey) jcaPEMKeyConverter.getPublicKey(pKCS10CertificationRequest.getSubjectPublicKeyInfo());
                    ECParameterSpec params3 = eCPublicKey3.getParams();
                    ECParameterSpec params4 = eCPublicKey4.getParams();
                    java.security.spec.EllipticCurve curve3 = params3.getCurve();
                    java.security.spec.EllipticCurve curve4 = params4.getCurve();
                    ECField field3 = curve3.getField();
                    ECField field4 = curve4.getField();
                    if (params3 != params4 && (params3.getCofactor() != params4.getCofactor() || !params3.getOrder().equals(params4.getOrder()) || !params3.getGenerator().equals(params4.getGenerator()) || (curve3 != curve4 && (!curve3.getA().equals(curve4.getA()) || !curve3.getB().equals(curve4.getB()) || field3.getFieldSize() != field4.getFieldSize())))) {
                        throw new VCertException("unmatched parameters for elliptic keys");
                    }
                    break;
            }
            return true;
        } catch (IOException e) {
            throw new VCertException(String.format("bad csr: %s", e.getMessage()), e);
        }
    }

    @Generated
    public PKIXName subject() {
        return this.subject;
    }

    @Generated
    public Collection<String> dnsNames() {
        return this.dnsNames;
    }

    @Generated
    public Collection<String> emailAddresses() {
        return this.emailAddresses;
    }

    @Generated
    public Collection<InetAddress> ipAddresses() {
        return this.ipAddresses;
    }

    @Generated
    public Collection<AttributeTypeAndValueSET> attributes() {
        return this.attributes;
    }

    @Generated
    public SignatureAlgorithm signatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    @Generated
    public String friendlyName() {
        return this.friendlyName;
    }

    @Generated
    public KeyType keyType() {
        return this.keyType;
    }

    @Generated
    public int keyLength() {
        return this.keyLength;
    }

    @Generated
    public EllipticCurve keyCurve() {
        return this.keyCurve;
    }

    @Generated
    public byte[] csr() {
        return this.csr;
    }

    @Generated
    public KeyPair keyPair() {
        return this.keyPair;
    }

    @Generated
    public CsrOriginOption csrOrigin() {
        return this.csrOrigin;
    }

    @Generated
    public String pickupId() {
        return this.pickupId;
    }

    @Generated
    public String certId() {
        return this.certId;
    }

    @Generated
    public String keyPassword() {
        return this.keyPassword;
    }

    @Generated
    public boolean fetchPrivateKey() {
        return this.fetchPrivateKey;
    }

    @Generated
    public String thumbprint() {
        return this.thumbprint;
    }

    @Generated
    public int validityHours() {
        return this.validityHours;
    }

    @Generated
    public String issuerHint() {
        return this.issuerHint;
    }

    @Generated
    public Collection<CustomField> customFields() {
        return this.customFields;
    }

    @Generated
    public CertificateRequest subject(PKIXName pKIXName) {
        this.subject = pKIXName;
        return this;
    }

    @Generated
    public CertificateRequest dnsNames(Collection<String> collection) {
        this.dnsNames = collection;
        return this;
    }

    @Generated
    public CertificateRequest emailAddresses(Collection<String> collection) {
        this.emailAddresses = collection;
        return this;
    }

    @Generated
    public CertificateRequest ipAddresses(Collection<InetAddress> collection) {
        this.ipAddresses = collection;
        return this;
    }

    @Generated
    public CertificateRequest attributes(Collection<AttributeTypeAndValueSET> collection) {
        this.attributes = collection;
        return this;
    }

    @Generated
    public CertificateRequest signatureAlgorithm(SignatureAlgorithm signatureAlgorithm) {
        this.signatureAlgorithm = signatureAlgorithm;
        return this;
    }

    @Generated
    public CertificateRequest friendlyName(String str) {
        this.friendlyName = str;
        return this;
    }

    @Generated
    public CertificateRequest keyType(KeyType keyType) {
        this.keyType = keyType;
        return this;
    }

    @Generated
    public CertificateRequest keyLength(int i) {
        this.keyLength = i;
        return this;
    }

    @Generated
    public CertificateRequest keyCurve(EllipticCurve ellipticCurve) {
        this.keyCurve = ellipticCurve;
        return this;
    }

    @Generated
    public CertificateRequest csr(byte[] bArr) {
        this.csr = bArr;
        return this;
    }

    @Generated
    public CertificateRequest keyPair(KeyPair keyPair) {
        this.keyPair = keyPair;
        return this;
    }

    @Generated
    public CertificateRequest csrOrigin(CsrOriginOption csrOriginOption) {
        this.csrOrigin = csrOriginOption;
        return this;
    }

    @Generated
    public CertificateRequest pickupId(String str) {
        this.pickupId = str;
        return this;
    }

    @Generated
    public CertificateRequest certId(String str) {
        this.certId = str;
        return this;
    }

    @Generated
    public CertificateRequest chainOption(ChainOption chainOption) {
        this.chainOption = chainOption;
        return this;
    }

    @Generated
    public CertificateRequest keyPassword(String str) {
        this.keyPassword = str;
        return this;
    }

    @Generated
    public CertificateRequest fetchPrivateKey(boolean z) {
        this.fetchPrivateKey = z;
        return this;
    }

    @Generated
    public CertificateRequest thumbprint(String str) {
        this.thumbprint = str;
        return this;
    }

    @Generated
    public CertificateRequest timeout(Duration duration) {
        this.timeout = duration;
        return this;
    }

    @Generated
    public CertificateRequest validityHours(int i) {
        this.validityHours = i;
        return this;
    }

    @Generated
    public CertificateRequest issuerHint(String str) {
        this.issuerHint = str;
        return this;
    }

    @Generated
    public CertificateRequest customFields(Collection<CustomField> collection) {
        this.customFields = collection;
        return this;
    }

    @Generated
    public CertificateRequest dataFormat(DataFormat dataFormat) {
        this.dataFormat = dataFormat;
        return this;
    }

    @Generated
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof CertificateRequest)) {
            return false;
        }
        CertificateRequest certificateRequest = (CertificateRequest) obj;
        if (!certificateRequest.canEqual(this) || keyLength() != certificateRequest.keyLength() || fetchPrivateKey() != certificateRequest.fetchPrivateKey() || validityHours() != certificateRequest.validityHours()) {
            return false;
        }
        PKIXName subject = subject();
        PKIXName subject2 = certificateRequest.subject();
        if (subject == null) {
            if (subject2 != null) {
                return false;
            }
        } else if (!subject.equals(subject2)) {
            return false;
        }
        Collection<String> dnsNames = dnsNames();
        Collection<String> dnsNames2 = certificateRequest.dnsNames();
        if (dnsNames == null) {
            if (dnsNames2 != null) {
                return false;
            }
        } else if (!dnsNames.equals(dnsNames2)) {
            return false;
        }
        Collection<String> emailAddresses = emailAddresses();
        Collection<String> emailAddresses2 = certificateRequest.emailAddresses();
        if (emailAddresses == null) {
            if (emailAddresses2 != null) {
                return false;
            }
        } else if (!emailAddresses.equals(emailAddresses2)) {
            return false;
        }
        Collection<InetAddress> ipAddresses = ipAddresses();
        Collection<InetAddress> ipAddresses2 = certificateRequest.ipAddresses();
        if (ipAddresses == null) {
            if (ipAddresses2 != null) {
                return false;
            }
        } else if (!ipAddresses.equals(ipAddresses2)) {
            return false;
        }
        Collection<AttributeTypeAndValueSET> attributes = attributes();
        Collection<AttributeTypeAndValueSET> attributes2 = certificateRequest.attributes();
        if (attributes == null) {
            if (attributes2 != null) {
                return false;
            }
        } else if (!attributes.equals(attributes2)) {
            return false;
        }
        SignatureAlgorithm signatureAlgorithm = signatureAlgorithm();
        SignatureAlgorithm signatureAlgorithm2 = certificateRequest.signatureAlgorithm();
        if (signatureAlgorithm == null) {
            if (signatureAlgorithm2 != null) {
                return false;
            }
        } else if (!signatureAlgorithm.equals(signatureAlgorithm2)) {
            return false;
        }
        String friendlyName = friendlyName();
        String friendlyName2 = certificateRequest.friendlyName();
        if (friendlyName == null) {
            if (friendlyName2 != null) {
                return false;
            }
        } else if (!friendlyName.equals(friendlyName2)) {
            return false;
        }
        KeyType keyType = keyType();
        KeyType keyType2 = certificateRequest.keyType();
        if (keyType == null) {
            if (keyType2 != null) {
                return false;
            }
        } else if (!keyType.equals(keyType2)) {
            return false;
        }
        EllipticCurve keyCurve = keyCurve();
        EllipticCurve keyCurve2 = certificateRequest.keyCurve();
        if (keyCurve == null) {
            if (keyCurve2 != null) {
                return false;
            }
        } else if (!keyCurve.equals(keyCurve2)) {
            return false;
        }
        if (!Arrays.equals(csr(), certificateRequest.csr())) {
            return false;
        }
        KeyPair keyPair = keyPair();
        KeyPair keyPair2 = certificateRequest.keyPair();
        if (keyPair == null) {
            if (keyPair2 != null) {
                return false;
            }
        } else if (!keyPair.equals(keyPair2)) {
            return false;
        }
        CsrOriginOption csrOrigin = csrOrigin();
        CsrOriginOption csrOrigin2 = certificateRequest.csrOrigin();
        if (csrOrigin == null) {
            if (csrOrigin2 != null) {
                return false;
            }
        } else if (!csrOrigin.equals(csrOrigin2)) {
            return false;
        }
        String pickupId = pickupId();
        String pickupId2 = certificateRequest.pickupId();
        if (pickupId == null) {
            if (pickupId2 != null) {
                return false;
            }
        } else if (!pickupId.equals(pickupId2)) {
            return false;
        }
        String certId = certId();
        String certId2 = certificateRequest.certId();
        if (certId == null) {
            if (certId2 != null) {
                return false;
            }
        } else if (!certId.equals(certId2)) {
            return false;
        }
        ChainOption chainOption = chainOption();
        ChainOption chainOption2 = certificateRequest.chainOption();
        if (chainOption == null) {
            if (chainOption2 != null) {
                return false;
            }
        } else if (!chainOption.equals(chainOption2)) {
            return false;
        }
        String keyPassword = keyPassword();
        String keyPassword2 = certificateRequest.keyPassword();
        if (keyPassword == null) {
            if (keyPassword2 != null) {
                return false;
            }
        } else if (!keyPassword.equals(keyPassword2)) {
            return false;
        }
        String thumbprint = thumbprint();
        String thumbprint2 = certificateRequest.thumbprint();
        if (thumbprint == null) {
            if (thumbprint2 != null) {
                return false;
            }
        } else if (!thumbprint.equals(thumbprint2)) {
            return false;
        }
        Duration timeout = timeout();
        Duration timeout2 = certificateRequest.timeout();
        if (timeout == null) {
            if (timeout2 != null) {
                return false;
            }
        } else if (!timeout.equals(timeout2)) {
            return false;
        }
        String issuerHint = issuerHint();
        String issuerHint2 = certificateRequest.issuerHint();
        if (issuerHint == null) {
            if (issuerHint2 != null) {
                return false;
            }
        } else if (!issuerHint.equals(issuerHint2)) {
            return false;
        }
        Collection<CustomField> customFields = customFields();
        Collection<CustomField> customFields2 = certificateRequest.customFields();
        if (customFields == null) {
            if (customFields2 != null) {
                return false;
            }
        } else if (!customFields.equals(customFields2)) {
            return false;
        }
        DataFormat dataFormat = dataFormat();
        DataFormat dataFormat2 = certificateRequest.dataFormat();
        return dataFormat == null ? dataFormat2 == null : dataFormat.equals(dataFormat2);
    }

    @Generated
    protected boolean canEqual(Object obj) {
        return obj instanceof CertificateRequest;
    }

    @Generated
    public int hashCode() {
        int keyLength = (((((1 * 59) + keyLength()) * 59) + (fetchPrivateKey() ? 79 : 97)) * 59) + validityHours();
        PKIXName subject = subject();
        int hashCode = (keyLength * 59) + (subject == null ? 43 : subject.hashCode());
        Collection<String> dnsNames = dnsNames();
        int hashCode2 = (hashCode * 59) + (dnsNames == null ? 43 : dnsNames.hashCode());
        Collection<String> emailAddresses = emailAddresses();
        int hashCode3 = (hashCode2 * 59) + (emailAddresses == null ? 43 : emailAddresses.hashCode());
        Collection<InetAddress> ipAddresses = ipAddresses();
        int hashCode4 = (hashCode3 * 59) + (ipAddresses == null ? 43 : ipAddresses.hashCode());
        Collection<AttributeTypeAndValueSET> attributes = attributes();
        int hashCode5 = (hashCode4 * 59) + (attributes == null ? 43 : attributes.hashCode());
        SignatureAlgorithm signatureAlgorithm = signatureAlgorithm();
        int hashCode6 = (hashCode5 * 59) + (signatureAlgorithm == null ? 43 : signatureAlgorithm.hashCode());
        String friendlyName = friendlyName();
        int hashCode7 = (hashCode6 * 59) + (friendlyName == null ? 43 : friendlyName.hashCode());
        KeyType keyType = keyType();
        int hashCode8 = (hashCode7 * 59) + (keyType == null ? 43 : keyType.hashCode());
        EllipticCurve keyCurve = keyCurve();
        int hashCode9 = (((hashCode8 * 59) + (keyCurve == null ? 43 : keyCurve.hashCode())) * 59) + Arrays.hashCode(csr());
        KeyPair keyPair = keyPair();
        int hashCode10 = (hashCode9 * 59) + (keyPair == null ? 43 : keyPair.hashCode());
        CsrOriginOption csrOrigin = csrOrigin();
        int hashCode11 = (hashCode10 * 59) + (csrOrigin == null ? 43 : csrOrigin.hashCode());
        String pickupId = pickupId();
        int hashCode12 = (hashCode11 * 59) + (pickupId == null ? 43 : pickupId.hashCode());
        String certId = certId();
        int hashCode13 = (hashCode12 * 59) + (certId == null ? 43 : certId.hashCode());
        ChainOption chainOption = chainOption();
        int hashCode14 = (hashCode13 * 59) + (chainOption == null ? 43 : chainOption.hashCode());
        String keyPassword = keyPassword();
        int hashCode15 = (hashCode14 * 59) + (keyPassword == null ? 43 : keyPassword.hashCode());
        String thumbprint = thumbprint();
        int hashCode16 = (hashCode15 * 59) + (thumbprint == null ? 43 : thumbprint.hashCode());
        Duration timeout = timeout();
        int hashCode17 = (hashCode16 * 59) + (timeout == null ? 43 : timeout.hashCode());
        String issuerHint = issuerHint();
        int hashCode18 = (hashCode17 * 59) + (issuerHint == null ? 43 : issuerHint.hashCode());
        Collection<CustomField> customFields = customFields();
        int hashCode19 = (hashCode18 * 59) + (customFields == null ? 43 : customFields.hashCode());
        DataFormat dataFormat = dataFormat();
        return (hashCode19 * 59) + (dataFormat == null ? 43 : dataFormat.hashCode());
    }

    @Generated
    public String toString() {
        return "CertificateRequest(subject=" + subject() + ", dnsNames=" + dnsNames() + ", emailAddresses=" + emailAddresses() + ", ipAddresses=" + ipAddresses() + ", attributes=" + attributes() + ", signatureAlgorithm=" + signatureAlgorithm() + ", friendlyName=" + friendlyName() + ", keyType=" + keyType() + ", keyLength=" + keyLength() + ", keyCurve=" + keyCurve() + ", csr=" + Arrays.toString(csr()) + ", keyPair=" + keyPair() + ", csrOrigin=" + csrOrigin() + ", pickupId=" + pickupId() + ", certId=" + certId() + ", chainOption=" + chainOption() + ", keyPassword=" + keyPassword() + ", fetchPrivateKey=" + fetchPrivateKey() + ", thumbprint=" + thumbprint() + ", timeout=" + timeout() + ", validityHours=" + validityHours() + ", issuerHint=" + issuerHint() + ", customFields=" + customFields() + ", dataFormat=" + dataFormat() + ")";
    }
}
