package com.baltimore.jpkiplus.x509.utils;

import com.baltimore.jcrypto.asn1.ASN1BitString;
import com.baltimore.jcrypto.asn1.ASN1Exception;
import com.baltimore.jcrypto.asn1.ASN1Interface;
import com.baltimore.jcrypto.asn1.ASN1Object;
import com.baltimore.jcrypto.asn1.ASN1Sequence;
import com.baltimore.jcrypto.coders.CoderException;
import com.baltimore.jcrypto.coders.DERCoder;
import com.baltimore.jcrypto.pkcs.AlgorithmIdentifier;
import com.baltimore.jcrypto.utils.ByteArray;
import com.baltimore.jcrypto.utils.OIDException;
import com.baltimore.jcrypto.utils.OIDs;
import com.baltimore.jpkiplus.x509.Name;
import com.baltimore.jpkiplus.x509.Signable;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;

/* compiled from: [DashoPro-V1.3-013000] */
/* loaded from: input_file:com/baltimore/jpkiplus/x509/utils/CertificationRequest.class */
public class CertificationRequest implements ASN1Interface, Signable {
    private CertificationRequestInfo a;
    private AlgorithmIdentifier b;
    private byte[] c;
    private byte[] d;
    private byte[] e;

    public CertificationRequest() {
        this.a = null;
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = null;
    }

    public CertificationRequest(ASN1Object aSN1Object) throws Exception {
        this.a = null;
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = null;
        fromASN1Object(aSN1Object);
    }

    public CertificationRequest(CertificationRequestInfo certificationRequestInfo, AlgorithmIdentifier algorithmIdentifier) {
        this.a = null;
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = null;
        this.a = certificationRequestInfo;
        this.b = algorithmIdentifier;
    }

    @Override // com.baltimore.jcrypto.asn1.ASN1Interface
    public void fromASN1Object(ASN1Object aSN1Object) throws ASN1Exception {
        this.d = null;
        this.e = null;
        ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1Object;
        int numberOfComponents = aSN1Sequence.getNumberOfComponents();
        this.a = new CertificationRequestInfo(aSN1Sequence.getComponent(0));
        if (numberOfComponents > 1) {
            this.b = new AlgorithmIdentifier(aSN1Sequence.getComponent(1));
            if (numberOfComponents > 2) {
                this.c = ((ASN1BitString) aSN1Sequence.getComponent(2)).getValue();
            }
        }
    }

    public void fromDER(byte[] bArr) throws Exception {
        fromASN1Object(DERCoder.decode(bArr));
        this.d = bArr;
        this.e = DERCoder.getComponent(bArr, 0);
    }

    public byte[] getCertRequestInfoBytes() throws ASN1Exception, CoderException {
        if (this.e == null) {
            if (this.a == null) {
                return null;
            }
            this.e = DERCoder.encode(this.a);
        }
        return this.e;
    }

    public CertificationRequestInfo getCertificationRequestInfo() {
        return this.a;
    }

    @Override // com.baltimore.jpkiplus.x509.Signable
    public boolean getChunkToDigestForSigning(ByteArray byteArray, Certificate certificate) throws CertificateException {
        if (byteArray == null) {
            throw new CertificateException("CertificationRequest::getChunkToDigestForSigning() - ByteArray parameter is null.");
        }
        try {
            byteArray.replace(getCertRequestInfoBytes());
            return true;
        } catch (Exception e) {
            throw new CertificateException(new StringBuffer("CertificationRequest::getChunkToDigestForSigning() ").append(e.getMessage()).toString());
        }
    }

    public Name getName() {
        if (this.a == null) {
            return null;
        }
        return this.a.getSubject();
    }

    @Override // com.baltimore.jpkiplus.x509.Signable
    public int getNumberOfSignatures() {
        return isSigned() ? 1 : 0;
    }

    public byte[] getSignature() {
        return getSignature(null);
    }

    @Override // com.baltimore.jpkiplus.x509.Signable
    public byte[] getSignature(Certificate certificate) {
        return this.c;
    }

    public AlgorithmIdentifier getSignatureAlgorithm() {
        return getSignatureAlgorithm(null);
    }

    @Override // com.baltimore.jpkiplus.x509.Signable
    public AlgorithmIdentifier getSignatureAlgorithm(Certificate certificate) {
        return this.b;
    }

    public SubjectPublicKeyInfo getSubjectPublicKeyInfo() {
        if (this.a == null) {
            return null;
        }
        return this.a.getSubjectPublicKeyInfo();
    }

    public byte[] getTBSData() throws CertificateException {
        return getTBSData(null);
    }

    public byte[] getTBSData(Certificate certificate) throws CertificateException {
        ByteArray byteArray = new ByteArray();
        getChunkToDigestForSigning(byteArray, certificate);
        return byteArray.getBytes();
    }

    @Override // com.baltimore.jpkiplus.x509.Signable
    public boolean isSigned() {
        return this.c != null;
    }

    public void setCertificationRequestInfo(CertificationRequestInfo certificationRequestInfo) {
        this.a = certificationRequestInfo;
    }

    public void setFaulty() throws CertificateException {
        if (this.a == null) {
            throw new CertificateException("CertificationRequest::setFaulty - the certificate request has yet to be constructed.");
        }
        if (isSigned()) {
            throw new CertificateException("CertificationRequest::setFaulty - has already been signed.");
        }
        this.a.setFaulty(true);
    }

    public void setSignature(byte[] bArr) {
        setSignature(bArr, null);
    }

    @Override // com.baltimore.jpkiplus.x509.Signable
    public void setSignature(byte[] bArr, Certificate certificate) {
        this.c = bArr;
    }

    public void setSignatureAlgorithm(AlgorithmIdentifier algorithmIdentifier) {
        setSignatureAlgorithm(algorithmIdentifier, null);
    }

    @Override // com.baltimore.jpkiplus.x509.Signable
    public void setSignatureAlgorithm(AlgorithmIdentifier algorithmIdentifier, Certificate certificate) {
        this.b = algorithmIdentifier;
    }

    public void signCertificationRequest(PrivateKey privateKey) throws CertificateException, OIDException {
        signCertificationRequest(privateKey, null, null);
    }

    public void signCertificationRequest(PrivateKey privateKey, String str, SecureRandom secureRandom) throws CertificateException, OIDException {
        if (this.b == null) {
            throw new CertificateException("CertificationRequest::signCertificationRequest - The Signature Algorithm has not been set.");
        }
        String stringFromOID = OIDs.getStringFromOID(this.b.getAlgorithm());
        if (stringFromOID == null) {
            throw new CertificateException("CertificationRequest::signCertificationRequest - The Signature Algorithm is not one of the available signature algorithms.");
        }
        try {
            Signature signature = str == null ? Signature.getInstance(stringFromOID) : Signature.getInstance(stringFromOID, str);
            try {
                byte[] encode = DERCoder.encode(this.a);
                if (secureRandom == null) {
                    signature.initSign(privateKey);
                } else {
                    signature.initSign(privateKey, secureRandom);
                }
                signature.update(encode);
                this.c = signature.sign();
            } catch (Exception e) {
                throw new CertificateException(e.getMessage());
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new CertificateException(e2.getMessage());
        } catch (NoSuchProviderException e3) {
            throw new CertificateException(e3.getMessage());
        }
    }

    @Override // com.baltimore.jcrypto.asn1.ASN1Interface
    public ASN1Object toASN1Object() throws ASN1Exception {
        if (this.a == null) {
            throw new ASN1Exception("CertificationRequest::toASN1Object() - CertificationRequest contains no info.");
        }
        ASN1Sequence aSN1Sequence = new ASN1Sequence();
        aSN1Sequence.addComponent(this.a);
        if (this.b != null && this.c != null) {
            aSN1Sequence.addComponent(this.b);
            aSN1Sequence.addComponent(new ASN1BitString(this.c, 0));
        }
        aSN1Sequence.setBERBytes(this.d);
        return aSN1Sequence;
    }

    public byte[] toDER() throws Exception {
        if (this.d == null) {
            this.d = DERCoder.encode(this);
        }
        return this.d;
    }

    public static boolean verifyCertificationRequest(CertificationRequest certificationRequest) throws Exception {
        if (!certificationRequest.isSigned()) {
            throw new CertificateException("CertificationRequest::verifyCertificationRequest() - Cannot verify an unsigned Certificate.");
        }
        byte[] certRequestInfoBytes = certificationRequest.getCertRequestInfoBytes();
        PublicKey subjectPublicKey = certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo().getSubjectPublicKey();
        String stringFromOID = OIDs.getStringFromOID(certificationRequest.getSignatureAlgorithm(null).getAlgorithm());
        if (stringFromOID == null) {
            throw new CertificateException("CertificationRequest::signCertificationRequest - The Signature Algorithm is not one of the available signature algorithms.");
        }
        Signature signature = Signature.getInstance(stringFromOID);
        signature.initVerify(subjectPublicKey);
        signature.update(certRequestInfoBytes);
        return signature.verify(certificationRequest.getSignature(null));
    }
}
