package oracle.security.pki.internal.cert;

import java.io.ByteArrayInputStream;
import java.io.Externalizable;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPrivateKey;
import java.util.ArrayList;
import oracle.security.pki.JCEUtil;
import oracle.security.pki.PKIConstants;
import oracle.security.pki.exception.AuthException;
import oracle.security.pki.internal.asn1.ASN1BitString;
import oracle.security.pki.internal.asn1.ASN1FormatException;
import oracle.security.pki.internal.asn1.ASN1GenericConstructed;
import oracle.security.pki.internal.asn1.ASN1Integer;
import oracle.security.pki.internal.asn1.ASN1Object;
import oracle.security.pki.internal.asn1.ASN1ObjectID;
import oracle.security.pki.internal.asn1.ASN1Sequence;
import oracle.security.pki.internal.asn1.ASN1SequenceInputStream;
import oracle.security.pki.internal.core.AlgID;
import oracle.security.pki.internal.core.AlgorithmIdentifier;
import oracle.security.pki.util.CryptoUtils;
import oracle.security.pki.util.KeyWrapper;
import oracle.security.pki.util.Utils;

/* loaded from: input_file:oracle/security/pki/internal/cert/CertificateRequest.class */
public class CertificateRequest implements Externalizable, ASN1Object {
    private X500Name a;
    private PublicKey b;
    private AttributeSet c;
    private ASN1Sequence d;
    private PrivateKey e;
    private AlgorithmIdentifier f;
    private byte[] g;
    private boolean h;
    private ASN1Sequence i;

    public CertificateRequest() {
        this.i = null;
    }

    public CertificateRequest(X500Name x500Name, PublicKey publicKey, PrivateKey privateKey) {
        this(x500Name, publicKey, privateKey, false);
    }

    public CertificateRequest(X500Name x500Name, PublicKey publicKey, PrivateKey privateKey, boolean z) {
        this.i = null;
        this.a = x500Name;
        this.b = publicKey;
        this.e = privateKey;
        this.h = z;
    }

    public CertificateRequest(X500Name x500Name, KeyPair keyPair) {
        this(x500Name, keyPair, false);
    }

    public CertificateRequest(X500Name x500Name, KeyPair keyPair, boolean z) {
        this.i = null;
        this.a = x500Name;
        this.b = keyPair.getPublic();
        this.e = keyPair.getPrivate();
        this.h = z;
    }

    public CertificateRequest(InputStream inputStream) throws IOException {
        this.i = null;
        input(inputStream);
    }

    public CertificateRequest(byte[] bArr) throws IOException {
        this(new ByteArrayInputStream(bArr));
    }

    public void a() throws SignatureException {
        k();
        try {
            if (this.f == null) {
                if (!this.e.getAlgorithm().equals(PKIConstants.RSA)) {
                    if (!this.e.getAlgorithm().equals(PKIConstants.DSA)) {
                        if (this.e.getAlgorithm().equals(PKIConstants.EC)) {
                            switch (((ECPrivateKey) this.e).getParams().getCurve().getField().getFieldSize()) {
                                case 256:
                                    this.f = AlgID.H;
                                    break;
                                case 384:
                                    this.f = AlgID.I;
                                    break;
                                case 512:
                                    this.f = AlgID.J;
                                    break;
                                default:
                                    this.f = AlgID.G;
                                    break;
                            }
                        }
                    } else {
                        this.f = AlgID.D;
                    }
                } else {
                    this.f = AlgID.A;
                }
            }
            Signature signatureInstance = JCEUtil.getSignatureInstance(CryptoUtils.getSignatureAlg(this.f));
            signatureInstance.initSign(this.e);
            signatureInstance.update(Utils.toBytes(this.d));
            this.g = signatureInstance.sign();
            l();
        } catch (InvalidKeyException e) {
            throw new SignatureException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new SignatureException(e2);
        } catch (SignatureException e3) {
            throw new SignatureException(e3);
        }
    }

    public byte[] b() throws SignatureException {
        if (this.g == null) {
            a();
        }
        return this.g;
    }

    private ASN1Sequence k() {
        if (this.d == null) {
            this.d = new ASN1Sequence();
            this.d.a(new ASN1Integer(0L));
            this.d.a(this.a);
            KeyWrapper keyWrapper = null;
            try {
                keyWrapper = new KeyWrapper();
                keyWrapper.initialize("Public", this.b);
            } catch (IOException e) {
                e.printStackTrace();
            }
            this.d.a(CryptoUtils.subjectPublicKeyInfo(keyWrapper));
            if (this.c != null) {
                this.d.a(new ASN1GenericConstructed(this.c.d().b(), 0));
            } else if (!this.h) {
                this.d.a(new ASN1GenericConstructed(new ArrayList(), 0));
            }
        }
        return this.d;
    }

    @Override // oracle.security.pki.util.Streamable
    public void input(InputStream inputStream) throws IOException {
        m();
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(inputStream);
        this.d = new ASN1Sequence(aSN1SequenceInputStream);
        this.f = new AlgorithmIdentifier(aSN1SequenceInputStream);
        this.g = ASN1BitString.a(aSN1SequenceInputStream);
        aSN1SequenceInputStream.b();
        ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(Utils.toStream(this.d));
        int intValue = ASN1Integer.b(aSN1SequenceInputStream2).intValue();
        if (intValue != 0) {
            throw new ASN1FormatException("Expected version 0, got " + intValue);
        }
        this.a = new X500Name(aSN1SequenceInputStream2);
        this.b = CryptoUtils.inputSPKI(aSN1SequenceInputStream2);
        if (aSN1SequenceInputStream2.a()) {
            if (aSN1SequenceInputStream2.d() != 0) {
                throw new ASN1FormatException("Expected tag 0, got " + aSN1SequenceInputStream2.d());
            }
            aSN1SequenceInputStream2.a(17);
            this.c = new AttributeSet(aSN1SequenceInputStream2);
        }
        aSN1SequenceInputStream2.b();
        try {
            c();
        } catch (AuthException e) {
            throw new IOException(e);
        }
    }

    public boolean c() throws AuthException, IOException {
        try {
            Signature signatureInstance = JCEUtil.getSignatureInstance(CryptoUtils.getSignatureAlg(this.f));
            signatureInstance.initVerify(this.b);
            signatureInstance.update(Utils.toBytes(this.d));
            return signatureInstance.verify(this.g);
        } catch (InvalidKeyException e) {
            throw new AuthException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthException(e2);
        } catch (SignatureException e3) {
            throw new AuthException(e3);
        }
    }

    @Override // oracle.security.pki.util.Streamable
    public void output(OutputStream outputStream) throws IOException {
        try {
            d().output(outputStream);
        } catch (SignatureException e) {
            throw new IOException(e);
        }
    }

    @Override // oracle.security.pki.util.Streamable
    public int length() {
        try {
            return d().length();
        } catch (SignatureException e) {
            return 0;
        }
    }

    ASN1Sequence d() throws SignatureException {
        if (this.i == null) {
            b();
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            aSN1Sequence.a(this.d);
            aSN1Sequence.a(this.f);
            aSN1Sequence.a(new ASN1BitString(this.g));
            this.i = aSN1Sequence;
        }
        return this.i;
    }

    private void l() {
        this.i = null;
    }

    private void m() {
        l();
        this.d = null;
        this.g = null;
    }

    public void a(X500Name x500Name) {
        this.a = x500Name;
        m();
    }

    public X500Name e() {
        return this.a;
    }

    public PublicKey f() {
        return this.b;
    }

    public void a(PublicKey publicKey) {
        this.b = publicKey;
        m();
    }

    public void a(PrivateKey privateKey) {
        a(privateKey, (AlgorithmIdentifier) null);
    }

    public void a(PrivateKey privateKey, AlgorithmIdentifier algorithmIdentifier) {
        this.e = privateKey;
        a(algorithmIdentifier);
    }

    public void a(AlgorithmIdentifier algorithmIdentifier) {
        this.f = algorithmIdentifier;
        m();
    }

    public AlgorithmIdentifier g() {
        return this.f;
    }

    public Attribute a(ASN1ObjectID aSN1ObjectID, ASN1Object aSN1Object) {
        return a(new Attribute(aSN1ObjectID, aSN1Object));
    }

    public Attribute a(Attribute attribute) {
        m();
        if (this.c == null) {
            this.c = new AttributeSet();
        }
        return this.c.a(attribute);
    }

    public Attribute a(ASN1ObjectID aSN1ObjectID) {
        if (this.c != null) {
            return this.c.a(aSN1ObjectID);
        }
        return null;
    }

    public AttributeSet h() {
        return this.c;
    }

    public X509Extension a(X509Extension x509Extension) {
        X509ExtensionSet i = i();
        if (i == null) {
            i = new X509ExtensionSet();
        }
        X509Extension a = i.a(x509Extension.b());
        i.a(x509Extension);
        a(i);
        return a;
    }

    public X509ExtensionSet a(X509ExtensionSet x509ExtensionSet) {
        Attribute a = a(PKIX.j, x509ExtensionSet);
        if (a == null) {
            return null;
        }
        try {
            return new X509ExtensionSet(Utils.toStream(a.b().get(0)));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public X509ExtensionSet i() {
        Attribute a = a(PKIX.j);
        if (a == null) {
            return null;
        }
        try {
            return new X509ExtensionSet(Utils.toStream(a.b().get(0)));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public void a(boolean z) {
        this.h = z;
        m();
    }

    public boolean j() {
        return this.h;
    }

    public String toString() {
        return "subject = " + this.a + ", pubKey = " + this.b;
    }

    @Override // java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        objectOutput.writeObject(Utils.toBytes(this));
    }

    @Override // java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        try {
            input(new ByteArrayInputStream((byte[]) objectInput.readObject()));
        } catch (ClassCastException e) {
            throw new IOException(e);
        }
    }
}
