package org.xwiki.crypto.pkix.internal;

import java.security.SecureRandom;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import org.xwiki.component.annotation.Component;
import org.xwiki.crypto.pkix.CertificateGenerator;
import org.xwiki.crypto.pkix.CertificateGeneratorFactory;
import org.xwiki.crypto.pkix.params.CertificateGenerationParameters;
import org.xwiki.crypto.pkix.params.x509certificate.X509CertificateGenerationParameters;
import org.xwiki.crypto.signer.Signer;
import org.xwiki.crypto.signer.SignerFactory;

@Singleton
@Component
@Named("X509")
/* loaded from: input_file:WEB-INF/lib/xwiki-commons-crypto-pkix-9.11.4.jar:org/xwiki/crypto/pkix/internal/BcX509CertificateGeneratorFactory.class */
public class BcX509CertificateGeneratorFactory implements CertificateGeneratorFactory {

    @Inject
    private SignerFactory signerFactory;

    @Inject
    private Provider<SecureRandom> randomProvider;

    @Override // org.xwiki.crypto.pkix.CertificateGeneratorFactory
    public CertificateGenerator getInstance(Signer signer, CertificateGenerationParameters certificateGenerationParameters) {
        if (!(certificateGenerationParameters instanceof X509CertificateGenerationParameters)) {
            throw new IllegalArgumentException("Invalid parameters for X.509 certificate: " + certificateGenerationParameters.getClass().getName());
        }
        if (!signer.isForSigning()) {
            throw new IllegalArgumentException("Verifying signer used for signing certificates.");
        }
        X509CertificateGenerationParameters x509CertificateGenerationParameters = (X509CertificateGenerationParameters) certificateGenerationParameters;
        switch (x509CertificateGenerationParameters.getX509Version()) {
            case V1:
                return new BcX509v1CertificateGenerator(signer, x509CertificateGenerationParameters, this.signerFactory, this.randomProvider.get());
            case V3:
                return new BcX509v3CertificateGenerator(signer, x509CertificateGenerationParameters, this.signerFactory, this.randomProvider.get());
            default:
                throw new IllegalArgumentException("Unknown X.509 certificate version: " + x509CertificateGenerationParameters.getX509Version());
        }
    }
}
