package com.jrsys.mpki;

import com.jrsys.mpki.impl.AndroidKeyGenerateUtil;
import com.jrsys.mpki.impl.MCryptoAndroidKeyStoreImpl;
import ic.g;
import ic.h0;
import ic.j0;
import ic.k;
import ic.o;
import ic.p;
import ic.q;
import ic.q0;
import ic.r0;
import ic.u0;
import ic.w0;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PSSParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import lc.a;
import lc.b;
import lc.c;
import lc.d;
import oc.e;
import oc.i;

/* loaded from: classes.dex */
public class CSRGenerator extends a {
    private static Hashtable algorithms = new Hashtable();
    private static Hashtable params = new Hashtable();
    private static Hashtable keyAlgorithms = new Hashtable();
    private static Hashtable oids = new Hashtable();
    private static Set noParams = new HashSet();

    static {
        algorithms.put("MD2WITHRSAENCRYPTION", new u0("1.2.840.113549.1.1.2"));
        algorithms.put("MD2WITHRSA", new u0("1.2.840.113549.1.1.2"));
        algorithms.put("MD5WITHRSAENCRYPTION", new u0("1.2.840.113549.1.1.4"));
        algorithms.put("MD5WITHRSA", new u0("1.2.840.113549.1.1.4"));
        algorithms.put("RSAWITHMD5", new u0("1.2.840.113549.1.1.4"));
        algorithms.put("SHA1WITHRSAENCRYPTION", new u0("1.2.840.113549.1.1.5"));
        algorithms.put("SHA1WITHRSA", new u0("1.2.840.113549.1.1.5"));
        Hashtable hashtable = algorithms;
        k kVar = c.f11013k;
        hashtable.put("SHA224WITHRSAENCRYPTION", kVar);
        algorithms.put("SHA224WITHRSA", kVar);
        Hashtable hashtable2 = algorithms;
        k kVar2 = c.f11010h;
        hashtable2.put("SHA256WITHRSAENCRYPTION", kVar2);
        algorithms.put("SHA256WITHRSA", kVar2);
        Hashtable hashtable3 = algorithms;
        k kVar3 = c.f11011i;
        hashtable3.put("SHA384WITHRSAENCRYPTION", kVar3);
        algorithms.put("SHA384WITHRSA", kVar3);
        Hashtable hashtable4 = algorithms;
        k kVar4 = c.f11012j;
        hashtable4.put("SHA512WITHRSAENCRYPTION", kVar4);
        algorithms.put("SHA512WITHRSA", kVar4);
        Hashtable hashtable5 = algorithms;
        k kVar5 = c.f11009g;
        hashtable5.put("SHA1WITHRSAANDMGF1", kVar5);
        algorithms.put("SHA224WITHRSAANDMGF1", kVar5);
        algorithms.put("SHA256WITHRSAANDMGF1", kVar5);
        algorithms.put("SHA384WITHRSAANDMGF1", kVar5);
        algorithms.put("SHA512WITHRSAANDMGF1", kVar5);
        algorithms.put("RSAWITHSHA1", new u0("1.2.840.113549.1.1.5"));
        algorithms.put("RIPEMD160WITHRSAENCRYPTION", new u0("1.3.36.3.3.1.2"));
        algorithms.put("RIPEMD160WITHRSA", new u0("1.3.36.3.3.1.2"));
        algorithms.put("SHA1WITHDSA", new u0("1.2.840.10040.4.3"));
        algorithms.put("DSAWITHSHA1", new u0("1.2.840.10040.4.3"));
        Hashtable hashtable6 = algorithms;
        k kVar6 = jc.a.f10164e;
        hashtable6.put("SHA224WITHDSA", kVar6);
        Hashtable hashtable7 = algorithms;
        k kVar7 = jc.a.f10165f;
        hashtable7.put("SHA256WITHDSA", kVar7);
        Hashtable hashtable8 = algorithms;
        k kVar8 = pc.a.f17852a;
        hashtable8.put("SHA1WITHECDSA", kVar8);
        Hashtable hashtable9 = algorithms;
        k kVar9 = pc.a.f17853b;
        hashtable9.put("SHA224WITHECDSA", kVar9);
        Hashtable hashtable10 = algorithms;
        k kVar10 = pc.a.f17854c;
        hashtable10.put("SHA256WITHECDSA", kVar10);
        Hashtable hashtable11 = algorithms;
        k kVar11 = pc.a.f17855d;
        hashtable11.put("SHA384WITHECDSA", kVar11);
        Hashtable hashtable12 = algorithms;
        k kVar12 = pc.a.f17856e;
        hashtable12.put("SHA512WITHECDSA", kVar12);
        algorithms.put("ECDSAWITHSHA1", kVar8);
        oids.put(new u0("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        oids.put(kVar, "SHA224WITHRSA");
        oids.put(kVar2, "SHA256WITHRSA");
        oids.put(kVar3, "SHA384WITHRSA");
        oids.put(kVar4, "SHA512WITHRSA");
        oids.put(new u0("1.2.840.113549.1.1.4"), "MD5WITHRSA");
        oids.put(new u0("1.2.840.113549.1.1.2"), "MD2WITHRSA");
        oids.put(new u0("1.2.840.10040.4.3"), "SHA1WITHDSA");
        oids.put(kVar8, "SHA1WITHECDSA");
        oids.put(kVar9, "SHA224WITHECDSA");
        oids.put(kVar10, "SHA256WITHECDSA");
        oids.put(kVar11, "SHA384WITHECDSA");
        oids.put(kVar12, "SHA512WITHECDSA");
        oids.put(kc.a.f10413e, "SHA1WITHRSA");
        oids.put(kc.a.f10412d, "SHA1WITHDSA");
        oids.put(kVar6, "SHA224WITHDSA");
        oids.put(kVar7, "SHA256WITHDSA");
        keyAlgorithms.put(c.f11003a, AndroidKeyGenerateUtil.KEY_ALGORITHM_RSA);
        keyAlgorithms.put(pc.a.f17857f, "DSA");
        noParams.add(kVar8);
        noParams.add(kVar9);
        noParams.add(kVar10);
        noParams.add(kVar11);
        noParams.add(kVar12);
        noParams.add(pc.a.f17858g);
        noParams.add(kVar6);
        noParams.add(kVar7);
        params.put("SHA1WITHRSAANDMGF1", creatPSSParams(new oc.a(kc.a.f10411c, new r0()), 20));
        params.put("SHA224WITHRSAANDMGF1", creatPSSParams(new oc.a(jc.a.f10163d, new r0()), 28));
        params.put("SHA256WITHRSAANDMGF1", creatPSSParams(new oc.a(jc.a.f10160a, new r0()), 32));
        params.put("SHA384WITHRSAANDMGF1", creatPSSParams(new oc.a(jc.a.f10161b, new r0()), 48));
        params.put("SHA512WITHRSAANDMGF1", creatPSSParams(new oc.a(jc.a.f10162c, new r0()), 64));
    }

    public CSRGenerator() {
    }

    public CSRGenerator(p pVar) {
        super(pVar);
    }

    public CSRGenerator(String str, X500Principal x500Principal, PublicKey publicKey, q qVar, MCrypto mCrypto) {
        this(str, convertName(x500Principal), publicKey, qVar, mCrypto);
    }

    public CSRGenerator(String str, X500Principal x500Principal, PublicKey publicKey, q qVar, MCrypto mCrypto, String str2) {
        this(str, convertName(x500Principal), publicKey, qVar, mCrypto, str2);
    }

    public CSRGenerator(String str, i iVar, PublicKey publicKey, q qVar, MCrypto mCrypto) {
        this(str, iVar, publicKey, qVar, mCrypto, (String) null);
    }

    public CSRGenerator(String str, i iVar, PublicKey publicKey, q qVar, MCrypto mCrypto, String str2) {
        String j10 = ab.i.j(str);
        u0 u0Var = (u0) algorithms.get(j10);
        if (u0Var == null) {
            throw new IllegalArgumentException("Unknown signature type requested");
        }
        if (iVar == null) {
            throw new IllegalArgumentException("subject must not be null");
        }
        if (publicKey == null) {
            throw new IllegalArgumentException("public key must not be null");
        }
        if (noParams.contains(u0Var)) {
            this.sigAlgId = new oc.a(u0Var);
        } else if (params.containsKey(j10)) {
            this.sigAlgId = new oc.a(u0Var, (j0) params.get(j10));
        } else {
            this.sigAlgId = new oc.a(u0Var, null);
        }
        try {
            this.reqInfo = new b(iVar, new e((p) new g(new ByteArrayInputStream(publicKey.getEncoded())).i()), qVar);
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                new w0(byteArrayOutputStream).g(this.reqInfo);
                String substring = j10.substring(0, j10.indexOf("WITH"));
                System.out.println("digestAlgorithm=" + substring);
                byte[] digest = MessageDigest.getInstance(substring).digest(byteArrayOutputStream.toByteArray());
                this.sigBits = new h0(str2 != null ? mCrypto.sign(str2, digest) : mCrypto.sign(digest));
            } catch (Exception e10) {
                throw new IllegalArgumentException("exception encoding TBS cert request - " + e10);
            }
        } catch (IOException unused) {
            throw new IllegalArgumentException("can't encode public key");
        }
    }

    public CSRGenerator(String str, i iVar, PublicKey publicKey, q qVar, PrivateKey privateKey) {
        String j10 = ab.i.j(str);
        u0 u0Var = (u0) algorithms.get(j10);
        if (u0Var == null) {
            throw new IllegalArgumentException("Unknown signature type requested");
        }
        if (iVar == null) {
            throw new IllegalArgumentException("subject must not be null");
        }
        if (publicKey == null) {
            throw new IllegalArgumentException("public key must not be null");
        }
        if (noParams.contains(u0Var)) {
            this.sigAlgId = new oc.a(u0Var);
        } else if (params.containsKey(j10)) {
            this.sigAlgId = new oc.a(u0Var, (j0) params.get(j10));
        } else {
            this.sigAlgId = new oc.a(u0Var, null);
        }
        try {
            this.reqInfo = new b(iVar, new e((p) new g(new ByteArrayInputStream(publicKey.getEncoded())).i()), qVar);
            Signature signature = Signature.getInstance(str);
            signature.initSign(privateKey);
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                new w0(byteArrayOutputStream).g(this.reqInfo);
                signature.update(byteArrayOutputStream.toByteArray());
                this.sigBits = new h0(signature.sign());
            } catch (Exception e10) {
                throw new IllegalArgumentException("exception encoding TBS cert request - " + e10);
            }
        } catch (IOException unused) {
            throw new IllegalArgumentException("can't encode public key");
        }
    }

    public CSRGenerator(byte[] bArr) {
        super(toDERSequence(bArr));
    }

    private static i convertName(X500Principal x500Principal) {
        try {
            return new vc.a(x500Principal.getEncoded());
        } catch (IOException unused) {
            throw new IllegalArgumentException("can't convert name");
        }
    }

    private static d creatPSSParams(oc.a aVar, int i10) {
        return new d(aVar, new oc.a(c.f11008f, aVar), new q0(i10), new q0(1));
    }

    private static String getDigestAlgName(u0 u0Var) {
        return c.f11016n.equals(u0Var) ? "MD5" : kc.a.f10411c.equals(u0Var) ? MCryptoAndroidKeyStoreImpl.DEFAULT_ALGORITHM : jc.a.f10163d.equals(u0Var) ? "SHA224" : jc.a.f10160a.equals(u0Var) ? "SHA256" : jc.a.f10161b.equals(u0Var) ? "SHA384" : jc.a.f10162c.equals(u0Var) ? "SHA512" : u0Var.f9753c;
    }

    public static String getSignatureName(oc.a aVar) {
        d dVar;
        j0 j0Var = aVar.f13297d;
        if (j0Var == null || r0.f9747d.equals(j0Var) || !aVar.f13296c.equals(c.f11009g)) {
            return aVar.f13296c.f9753c;
        }
        oc.a aVar2 = d.f11021y;
        if (j0Var instanceof d) {
            dVar = (d) j0Var;
        } else {
            if (!(j0Var instanceof p)) {
                StringBuilder a10 = android.support.v4.media.b.a("unknown object in factory: ");
                a10.append(j0Var.getClass().getName());
                throw new IllegalArgumentException(a10.toString());
            }
            dVar = new d((p) j0Var);
        }
        return x.a.a(new StringBuilder(), getDigestAlgName(dVar.f11022c.f13296c), "withRSAandMGF1");
    }

    private void setSignatureParameters(Signature signature, j0 j0Var) {
        if (j0Var == null || r0.f9747d.equals(j0Var)) {
            return;
        }
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
        try {
            algorithmParameters.init(j0Var.getDERObject().getDEREncoded());
            if (signature.getAlgorithm().endsWith("MGF1")) {
                try {
                    signature.setParameter(algorithmParameters.getParameterSpec(PSSParameterSpec.class));
                } catch (GeneralSecurityException e10) {
                    StringBuilder a10 = android.support.v4.media.b.a("Exception extracting parameters: ");
                    a10.append(e10.getMessage());
                    throw new SignatureException(a10.toString());
                }
            }
        } catch (IOException e11) {
            throw new SignatureException(o.a(e11, android.support.v4.media.b.a("IOException decoding parameters: ")));
        }
    }

    private static p toDERSequence(byte[] bArr) {
        try {
            return (p) new g(bArr).i();
        } catch (Exception unused) {
            throw new IllegalArgumentException("badly encoded request");
        }
    }

    @Override // ic.c
    public byte[] getEncoded() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            new w0(byteArrayOutputStream).g(this);
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e10) {
            throw new RuntimeException(e10.toString());
        }
    }

    public PublicKey getPublicKey() {
        return getPublicKey("BC");
    }

    public PublicKey getPublicKey(String str) {
        e eVar = this.reqInfo.f11001q;
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(new h0(eVar).f9715c);
        oc.a aVar = eVar.f13305c;
        try {
            try {
                return str == null ? KeyFactory.getInstance(aVar.f13296c.f9753c).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(aVar.f13296c.f9753c, str).generatePublic(x509EncodedKeySpec);
            } catch (NoSuchAlgorithmException e10) {
                if (keyAlgorithms.get(aVar.f13296c) == null) {
                    throw e10;
                }
                String str2 = (String) keyAlgorithms.get(aVar.f13296c);
                return str == null ? KeyFactory.getInstance(str2).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(str2, str).generatePublic(x509EncodedKeySpec);
            }
        } catch (InvalidKeySpecException unused) {
            throw new InvalidKeyException("error decoding public key");
        }
    }

    public boolean verify() {
        return verify("BC");
    }

    public boolean verify(String str) {
        return verify(getPublicKey(str), str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v0, types: [com.jrsys.mpki.CSRGenerator, lc.a] */
    /* JADX WARN: Type inference failed for: r5v0, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r5v1, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r5v10 */
    /* JADX WARN: Type inference failed for: r5v2, types: [java.security.Signature] */
    /* JADX WARN: Type inference failed for: r5v3, types: [java.security.Signature] */
    /* JADX WARN: Type inference failed for: r5v4, types: [java.security.Signature] */
    /* JADX WARN: Type inference failed for: r5v7 */
    /* JADX WARN: Type inference failed for: r5v9 */
    public boolean verify(PublicKey publicKey, String str) {
        try {
            str = str == 0 ? Signature.getInstance(getSignatureName(this.sigAlgId)) : Signature.getInstance(getSignatureName(this.sigAlgId), (String) str);
        } catch (NoSuchAlgorithmException e10) {
            if (oids.get(this.sigAlgId.f13296c) == null) {
                throw e10;
            }
            String str2 = (String) oids.get(this.sigAlgId.f13296c);
            str = str == 0 ? Signature.getInstance(str2) : Signature.getInstance(str2, (String) str);
        }
        setSignatureParameters(str, this.sigAlgId.f13297d);
        str.initVerify(publicKey);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new w0(byteArrayOutputStream).g(this.reqInfo);
            str.update(byteArrayOutputStream.toByteArray());
            return str.verify(this.sigBits.f9715c);
        } catch (Exception e11) {
            throw new SignatureException("exception encoding TBS cert request - " + e11);
        }
    }
}
