package org.spongycastle.jce;

import h.b.a.a3.h0;
import h.b.a.a3.t0;
import h.b.a.b3.o;
import h.b.a.e;
import h.b.a.g2.a;
import h.b.a.j;
import h.b.a.k;
import h.b.a.n;
import h.b.a.q0;
import h.b.a.s;
import h.b.a.t;
import h.b.a.t2.d;
import h.b.a.t2.q;
import h.b.a.t2.x;
import h.b.a.v;
import h.b.a.w2.b;
import h.b.a.y0;
import h.b.h.l;
import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PSSParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes2.dex */
public class PKCS10CertificationRequest extends d {
    private static Hashtable algorithms = new Hashtable();
    private static Hashtable params = new Hashtable();
    private static Hashtable keyAlgorithms = new Hashtable();
    private static Hashtable oids = new Hashtable();
    private static Set noParams = new HashSet();

    static {
        algorithms.put("MD2WITHRSAENCRYPTION", new n("1.2.840.113549.1.1.2"));
        algorithms.put("MD2WITHRSA", new n("1.2.840.113549.1.1.2"));
        algorithms.put("MD5WITHRSAENCRYPTION", new n("1.2.840.113549.1.1.4"));
        algorithms.put("MD5WITHRSA", new n("1.2.840.113549.1.1.4"));
        algorithms.put("RSAWITHMD5", new n("1.2.840.113549.1.1.4"));
        algorithms.put("SHA1WITHRSAENCRYPTION", new n("1.2.840.113549.1.1.5"));
        algorithms.put("SHA1WITHRSA", new n("1.2.840.113549.1.1.5"));
        algorithms.put("SHA224WITHRSAENCRYPTION", q.N);
        algorithms.put("SHA224WITHRSA", q.N);
        algorithms.put("SHA256WITHRSAENCRYPTION", q.J);
        algorithms.put("SHA256WITHRSA", q.J);
        algorithms.put("SHA384WITHRSAENCRYPTION", q.K);
        algorithms.put("SHA384WITHRSA", q.K);
        algorithms.put("SHA512WITHRSAENCRYPTION", q.M);
        algorithms.put("SHA512WITHRSA", q.M);
        algorithms.put("SHA1WITHRSAANDMGF1", q.I);
        algorithms.put("SHA224WITHRSAANDMGF1", q.I);
        algorithms.put("SHA256WITHRSAANDMGF1", q.I);
        algorithms.put("SHA384WITHRSAANDMGF1", q.I);
        algorithms.put("SHA512WITHRSAANDMGF1", q.I);
        algorithms.put("RSAWITHSHA1", new n("1.2.840.113549.1.1.5"));
        algorithms.put("RIPEMD128WITHRSAENCRYPTION", b.f3565g);
        algorithms.put("RIPEMD128WITHRSA", b.f3565g);
        algorithms.put("RIPEMD160WITHRSAENCRYPTION", b.f3564f);
        algorithms.put("RIPEMD160WITHRSA", b.f3564f);
        algorithms.put("RIPEMD256WITHRSAENCRYPTION", b.f3566h);
        algorithms.put("RIPEMD256WITHRSA", b.f3566h);
        algorithms.put("SHA1WITHDSA", new n("1.2.840.10040.4.3"));
        algorithms.put("DSAWITHSHA1", new n("1.2.840.10040.4.3"));
        algorithms.put("SHA224WITHDSA", h.b.a.p2.b.S);
        algorithms.put("SHA256WITHDSA", h.b.a.p2.b.T);
        algorithms.put("SHA384WITHDSA", h.b.a.p2.b.U);
        algorithms.put("SHA512WITHDSA", h.b.a.p2.b.V);
        algorithms.put("SHA1WITHECDSA", o.O1);
        algorithms.put("SHA224WITHECDSA", o.S1);
        algorithms.put("SHA256WITHECDSA", o.T1);
        algorithms.put("SHA384WITHECDSA", o.U1);
        algorithms.put("SHA512WITHECDSA", o.V1);
        algorithms.put("ECDSAWITHSHA1", o.O1);
        algorithms.put("GOST3411WITHGOST3410", a.n);
        algorithms.put("GOST3410WITHGOST3411", a.n);
        algorithms.put("GOST3411WITHECGOST3410", a.o);
        algorithms.put("GOST3411WITHECGOST3410-2001", a.o);
        algorithms.put("GOST3411WITHGOST3410-2001", a.o);
        oids.put(new n("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        oids.put(q.N, "SHA224WITHRSA");
        oids.put(q.J, "SHA256WITHRSA");
        oids.put(q.K, "SHA384WITHRSA");
        oids.put(q.M, "SHA512WITHRSA");
        oids.put(a.n, "GOST3411WITHGOST3410");
        oids.put(a.o, "GOST3411WITHECGOST3410");
        oids.put(new n("1.2.840.113549.1.1.4"), "MD5WITHRSA");
        oids.put(new n("1.2.840.113549.1.1.2"), "MD2WITHRSA");
        oids.put(new n("1.2.840.10040.4.3"), "SHA1WITHDSA");
        oids.put(o.O1, "SHA1WITHECDSA");
        oids.put(o.S1, "SHA224WITHECDSA");
        oids.put(o.T1, "SHA256WITHECDSA");
        oids.put(o.U1, "SHA384WITHECDSA");
        oids.put(o.V1, "SHA512WITHECDSA");
        oids.put(h.b.a.s2.b.k, "SHA1WITHRSA");
        oids.put(h.b.a.s2.b.j, "SHA1WITHDSA");
        oids.put(h.b.a.p2.b.S, "SHA224WITHDSA");
        oids.put(h.b.a.p2.b.T, "SHA256WITHDSA");
        keyAlgorithms.put(q.u, "RSA");
        keyAlgorithms.put(o.B2, "DSA");
        noParams.add(o.O1);
        noParams.add(o.S1);
        noParams.add(o.T1);
        noParams.add(o.U1);
        noParams.add(o.V1);
        noParams.add(o.D2);
        noParams.add(h.b.a.p2.b.S);
        noParams.add(h.b.a.p2.b.T);
        noParams.add(a.n);
        noParams.add(a.o);
        params.put("SHA1WITHRSAANDMGF1", creatPSSParams(new h.b.a.a3.a(h.b.a.s2.b.f3495i, y0.f3586a), 20));
        params.put("SHA224WITHRSAANDMGF1", creatPSSParams(new h.b.a.a3.a(h.b.a.p2.b.f3466f, y0.f3586a), 28));
        params.put("SHA256WITHRSAANDMGF1", creatPSSParams(new h.b.a.a3.a(h.b.a.p2.b.f3463c, y0.f3586a), 32));
        params.put("SHA384WITHRSAANDMGF1", creatPSSParams(new h.b.a.a3.a(h.b.a.p2.b.f3464d, y0.f3586a), 48));
        params.put("SHA512WITHRSAANDMGF1", creatPSSParams(new h.b.a.a3.a(h.b.a.p2.b.f3465e, y0.f3586a), 64));
    }

    public PKCS10CertificationRequest(t tVar) {
        super(tVar);
    }

    public PKCS10CertificationRequest(String str, t0 t0Var, PublicKey publicKey, v vVar, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, t0Var, publicKey, vVar, privateKey, BouncyCastleProvider.PROVIDER_NAME);
    }

    public PKCS10CertificationRequest(String str, t0 t0Var, PublicKey publicKey, v vVar, PrivateKey privateKey, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        String k = l.k(str);
        n nVar = (n) algorithms.get(k);
        if (nVar == null) {
            try {
                nVar = new n(k);
            } catch (Exception unused) {
                throw new IllegalArgumentException("Unknown signature type requested");
            }
        }
        if (t0Var == null) {
            throw new IllegalArgumentException("subject must not be null");
        }
        if (publicKey == null) {
            throw new IllegalArgumentException("public key must not be null");
        }
        if (noParams.contains(nVar)) {
            this.sigAlgId = new h.b.a.a3.a(nVar);
        } else if (params.containsKey(k)) {
            this.sigAlgId = new h.b.a.a3.a(nVar, (e) params.get(k));
        } else {
            this.sigAlgId = new h.b.a.a3.a(nVar, y0.f3586a);
        }
        try {
            this.reqInfo = new h.b.a.t2.e(t0Var, h0.f((t) s.g(publicKey.getEncoded())), vVar);
            Signature signature = str2 == null ? Signature.getInstance(str) : Signature.getInstance(str, str2);
            signature.initSign(privateKey);
            try {
                signature.update(this.reqInfo.getEncoded("DER"));
                this.sigBits = new q0(signature.sign());
            } catch (Exception e2) {
                throw new IllegalArgumentException("exception encoding TBS cert request - " + e2);
            }
        } catch (IOException unused2) {
            throw new IllegalArgumentException("can't encode public key");
        }
    }

    public PKCS10CertificationRequest(String str, X500Principal x500Principal, PublicKey publicKey, v vVar, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, convertName(x500Principal), publicKey, vVar, privateKey, BouncyCastleProvider.PROVIDER_NAME);
    }

    public PKCS10CertificationRequest(String str, X500Principal x500Principal, PublicKey publicKey, v vVar, PrivateKey privateKey, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, convertName(x500Principal), publicKey, vVar, privateKey, str2);
    }

    public PKCS10CertificationRequest(byte[] bArr) {
        super(toDERSequence(bArr));
    }

    private static t0 convertName(X500Principal x500Principal) {
        try {
            return new X509Principal(x500Principal.getEncoded());
        } catch (IOException unused) {
            throw new IllegalArgumentException("can't convert name");
        }
    }

    private static x creatPSSParams(h.b.a.a3.a aVar, int i2) {
        return new x(aVar, new h.b.a.a3.a(q.F, aVar), new k(i2), new k(1L));
    }

    private static String getDigestAlgName(n nVar) {
        return q.m0.equals(nVar) ? "MD5" : h.b.a.s2.b.f3495i.equals(nVar) ? "SHA1" : h.b.a.p2.b.f3466f.equals(nVar) ? "SHA224" : h.b.a.p2.b.f3463c.equals(nVar) ? "SHA256" : h.b.a.p2.b.f3464d.equals(nVar) ? "SHA384" : h.b.a.p2.b.f3465e.equals(nVar) ? "SHA512" : b.f3561c.equals(nVar) ? "RIPEMD128" : b.f3560b.equals(nVar) ? "RIPEMD160" : b.f3562d.equals(nVar) ? "RIPEMD256" : a.f3378b.equals(nVar) ? "GOST3411" : nVar.o();
    }

    static String getSignatureName(h.b.a.a3.a aVar) {
        e g2 = aVar.g();
        if (g2 == null || y0.f3586a.equals(g2) || !aVar.d().equals(q.I)) {
            return aVar.d().o();
        }
        return c.a.b.a.a.n(new StringBuilder(), getDigestAlgName(x.e(g2).d().d()), "withRSAandMGF1");
    }

    private void setSignatureParameters(Signature signature, e eVar) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        if (eVar == null || y0.f3586a.equals(eVar)) {
            return;
        }
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
        try {
            algorithmParameters.init(eVar.toASN1Primitive().getEncoded("DER"));
            if (signature.getAlgorithm().endsWith("MGF1")) {
                try {
                    signature.setParameter(algorithmParameters.getParameterSpec(PSSParameterSpec.class));
                } catch (GeneralSecurityException e2) {
                    StringBuilder s = c.a.b.a.a.s("Exception extracting parameters: ");
                    s.append(e2.getMessage());
                    throw new SignatureException(s.toString());
                }
            }
        } catch (IOException e3) {
            throw new SignatureException(c.a.b.a.a.Q(e3, c.a.b.a.a.s("IOException decoding parameters: ")));
        }
    }

    private static t toDERSequence(byte[] bArr) {
        try {
            return (t) new j(bArr).I();
        } catch (Exception unused) {
            throw new IllegalArgumentException("badly encoded request");
        }
    }

    @Override // h.b.a.m
    public byte[] getEncoded() {
        try {
            return getEncoded("DER");
        } catch (IOException e2) {
            throw new RuntimeException(e2.toString());
        }
    }

    public PublicKey getPublicKey() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        return getPublicKey(BouncyCastleProvider.PROVIDER_NAME);
    }

    public PublicKey getPublicKey(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        h0 d2 = this.reqInfo.d();
        try {
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(new q0(d2).m());
            h.b.a.a3.a d3 = d2.d();
            try {
                return str == null ? KeyFactory.getInstance(d3.d().o()).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(d3.d().o(), str).generatePublic(x509EncodedKeySpec);
            } catch (NoSuchAlgorithmException e2) {
                if (keyAlgorithms.get(d3.d()) == null) {
                    throw e2;
                }
                String str2 = (String) keyAlgorithms.get(d3.d());
                return str == null ? KeyFactory.getInstance(str2).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(str2, str).generatePublic(x509EncodedKeySpec);
            }
        } catch (IOException unused) {
            throw new InvalidKeyException("error decoding public key");
        } catch (InvalidKeySpecException unused2) {
            throw new InvalidKeyException("error decoding public key");
        }
    }

    public boolean verify() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return verify(BouncyCastleProvider.PROVIDER_NAME);
    }

    public boolean verify(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return verify(getPublicKey(str), str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r5v10 */
    /* JADX WARN: Type inference failed for: r5v7 */
    /* JADX WARN: Type inference failed for: r5v9 */
    public boolean verify(PublicKey publicKey, String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        try {
            str = str == 0 ? Signature.getInstance(getSignatureName(this.sigAlgId)) : Signature.getInstance(getSignatureName(this.sigAlgId), str);
        } catch (NoSuchAlgorithmException e2) {
            if (oids.get(this.sigAlgId.d()) == null) {
                throw e2;
            }
            String str2 = (String) oids.get(this.sigAlgId.d());
            str = str == 0 ? Signature.getInstance(str2) : Signature.getInstance(str2, str);
        }
        setSignatureParameters(str, this.sigAlgId.g());
        str.initVerify(publicKey);
        try {
            str.update(this.reqInfo.getEncoded("DER"));
            return str.verify(this.sigBits.m());
        } catch (Exception e3) {
            throw new SignatureException("exception encoding TBS cert request - " + e3);
        }
    }
}
