package com.navercorp.nid.sign.domain.usecase;

import com.navercorp.nid.sc.operator.jcajce.JcaContentSignerBuilder;
import java.io.StringWriter;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import org.spongycastle.asn1.DERPrintableString;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.X500NameBuilder;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.openssl.jcajce.JcaPEMWriter;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.pkcs.PKCS10CertificationRequest;
import org.spongycastle.pkcs.PKCS10CertificationRequestBuilder;

/* loaded from: classes5.dex */
public final class k {
    @hq.g
    public static com.navercorp.nid.sign.nte.csr.b a(@hq.g String keyId, @hq.g String name, @hq.g String idNo, @hq.g String nonce, @hq.g KeyPair keyPair) {
        String k22;
        String k23;
        String k24;
        kotlin.jvm.internal.e0.p(keyId, "keyId");
        kotlin.jvm.internal.e0.p(name, "name");
        kotlin.jvm.internal.e0.p(idNo, "idNo");
        kotlin.jvm.internal.e0.p(nonce, "nonce");
        kotlin.jvm.internal.e0.p(keyPair, "keyPair");
        X500NameBuilder x500NameBuilder = new X500NameBuilder();
        x500NameBuilder.addRDN(BCStyle.C, "KR");
        x500NameBuilder.addRDN(BCStyle.CN, name);
        x500NameBuilder.addRDN(BCStyle.SN, com.navercorp.nid.crypto.b.f44741a.a(idNo));
        X500Name subject = x500NameBuilder.build();
        PrivateKey privateKey = keyPair.getPrivate();
        kotlin.jvm.internal.e0.o(privateKey, "keyPair.private");
        ContentSigner signer = new JcaContentSignerBuilder("SHA256withECDSA").build(privateKey);
        PublicKey publicKey = keyPair.getPublic();
        kotlin.jvm.internal.e0.o(publicKey, "keyPair.public");
        kotlin.jvm.internal.e0.o(subject, "subject");
        kotlin.jvm.internal.e0.o(signer, "signer");
        PKCS10CertificationRequestBuilder pKCS10CertificationRequestBuilder = new PKCS10CertificationRequestBuilder(subject, SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
        pKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, new DERPrintableString(nonce));
        PKCS10CertificationRequest csr = pKCS10CertificationRequestBuilder.build(signer);
        kotlin.jvm.internal.e0.o(csr, "pkcs10CertificationRequestBuilder.build(signer)");
        kotlin.jvm.internal.e0.p(csr, "csr");
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        jcaPEMWriter.writeObject(csr);
        jcaPEMWriter.flush();
        jcaPEMWriter.close();
        String stringWriter2 = stringWriter.toString();
        kotlin.jvm.internal.e0.o(stringWriter2, "stringWriter.toString()");
        k22 = kotlin.text.u.k2(stringWriter2, "-----BEGIN CERTIFICATE REQUEST-----", "", false, 4, null);
        k23 = kotlin.text.u.k2(k22, "-----END CERTIFICATE REQUEST-----", "", false, 4, null);
        k24 = kotlin.text.u.k2(k23, "\n", "", false, 4, null);
        return new com.navercorp.nid.sign.nte.csr.b(keyId, k24);
    }
}
