package org.b.e;

import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PSSParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.b.a.ae.az;
import org.b.a.ae.bt;
import org.b.a.af.am;
import org.b.a.ba;
import org.b.a.bm;
import org.b.a.l;
import org.b.a.o;
import org.b.a.u;
import org.b.a.w.ab;
import org.b.a.w.t;
import org.b.a.x;
import org.b.a.z.p;
import org.b.h.r;

/* loaded from: classes.dex */
public class f extends org.b.a.w.e {
    private static Hashtable algorithms = new Hashtable();
    private static Hashtable params = new Hashtable();
    private static Hashtable keyAlgorithms = new Hashtable();
    private static Hashtable oids = new Hashtable();
    private static Set noParams = new HashSet();

    static {
        algorithms.put("MD2WITHRSAENCRYPTION", new o("1.2.840.113549.1.1.2"));
        algorithms.put("MD2WITHRSA", new o("1.2.840.113549.1.1.2"));
        algorithms.put("MD5WITHRSAENCRYPTION", new o("1.2.840.113549.1.1.4"));
        algorithms.put("MD5WITHRSA", new o("1.2.840.113549.1.1.4"));
        algorithms.put("RSAWITHMD5", new o("1.2.840.113549.1.1.4"));
        algorithms.put("SHA1WITHRSAENCRYPTION", new o("1.2.840.113549.1.1.5"));
        algorithms.put("SHA1WITHRSA", new o("1.2.840.113549.1.1.5"));
        algorithms.put("SHA224WITHRSAENCRYPTION", t.sha224WithRSAEncryption);
        algorithms.put("SHA224WITHRSA", t.sha224WithRSAEncryption);
        algorithms.put("SHA256WITHRSAENCRYPTION", t.sha256WithRSAEncryption);
        algorithms.put("SHA256WITHRSA", t.sha256WithRSAEncryption);
        algorithms.put("SHA384WITHRSAENCRYPTION", t.sha384WithRSAEncryption);
        algorithms.put("SHA384WITHRSA", t.sha384WithRSAEncryption);
        algorithms.put("SHA512WITHRSAENCRYPTION", t.sha512WithRSAEncryption);
        algorithms.put("SHA512WITHRSA", t.sha512WithRSAEncryption);
        algorithms.put("SHA1WITHRSAANDMGF1", t.id_RSASSA_PSS);
        algorithms.put("SHA224WITHRSAANDMGF1", t.id_RSASSA_PSS);
        algorithms.put("SHA256WITHRSAANDMGF1", t.id_RSASSA_PSS);
        algorithms.put("SHA384WITHRSAANDMGF1", t.id_RSASSA_PSS);
        algorithms.put("SHA512WITHRSAANDMGF1", t.id_RSASSA_PSS);
        algorithms.put("RSAWITHSHA1", new o("1.2.840.113549.1.1.5"));
        algorithms.put("RIPEMD128WITHRSAENCRYPTION", p.rsaSignatureWithripemd128);
        algorithms.put("RIPEMD128WITHRSA", p.rsaSignatureWithripemd128);
        algorithms.put("RIPEMD160WITHRSAENCRYPTION", p.rsaSignatureWithripemd160);
        algorithms.put("RIPEMD160WITHRSA", p.rsaSignatureWithripemd160);
        algorithms.put("RIPEMD256WITHRSAENCRYPTION", p.rsaSignatureWithripemd256);
        algorithms.put("RIPEMD256WITHRSA", p.rsaSignatureWithripemd256);
        algorithms.put("SHA1WITHDSA", new o("1.2.840.10040.4.3"));
        algorithms.put("DSAWITHSHA1", new o("1.2.840.10040.4.3"));
        algorithms.put("SHA224WITHDSA", org.b.a.s.b.dsa_with_sha224);
        algorithms.put("SHA256WITHDSA", org.b.a.s.b.dsa_with_sha256);
        algorithms.put("SHA384WITHDSA", org.b.a.s.b.dsa_with_sha384);
        algorithms.put("SHA512WITHDSA", org.b.a.s.b.dsa_with_sha512);
        algorithms.put("SHA1WITHECDSA", am.ecdsa_with_SHA1);
        algorithms.put("SHA224WITHECDSA", am.ecdsa_with_SHA224);
        algorithms.put("SHA256WITHECDSA", am.ecdsa_with_SHA256);
        algorithms.put("SHA384WITHECDSA", am.ecdsa_with_SHA384);
        algorithms.put("SHA512WITHECDSA", am.ecdsa_with_SHA512);
        algorithms.put("ECDSAWITHSHA1", am.ecdsa_with_SHA1);
        algorithms.put("GOST3411WITHGOST3410", org.b.a.f.a.gostR3411_94_with_gostR3410_94);
        algorithms.put("GOST3410WITHGOST3411", org.b.a.f.a.gostR3411_94_with_gostR3410_94);
        algorithms.put("GOST3411WITHECGOST3410", org.b.a.f.a.gostR3411_94_with_gostR3410_2001);
        algorithms.put("GOST3411WITHECGOST3410-2001", org.b.a.f.a.gostR3411_94_with_gostR3410_2001);
        algorithms.put("GOST3411WITHGOST3410-2001", org.b.a.f.a.gostR3411_94_with_gostR3410_2001);
        oids.put(new o("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        oids.put(t.sha224WithRSAEncryption, "SHA224WITHRSA");
        oids.put(t.sha256WithRSAEncryption, "SHA256WITHRSA");
        oids.put(t.sha384WithRSAEncryption, "SHA384WITHRSA");
        oids.put(t.sha512WithRSAEncryption, "SHA512WITHRSA");
        oids.put(org.b.a.f.a.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
        oids.put(org.b.a.f.a.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
        oids.put(new o("1.2.840.113549.1.1.4"), "MD5WITHRSA");
        oids.put(new o("1.2.840.113549.1.1.2"), "MD2WITHRSA");
        oids.put(new o("1.2.840.10040.4.3"), "SHA1WITHDSA");
        oids.put(am.ecdsa_with_SHA1, "SHA1WITHECDSA");
        oids.put(am.ecdsa_with_SHA224, "SHA224WITHECDSA");
        oids.put(am.ecdsa_with_SHA256, "SHA256WITHECDSA");
        oids.put(am.ecdsa_with_SHA384, "SHA384WITHECDSA");
        oids.put(am.ecdsa_with_SHA512, "SHA512WITHECDSA");
        oids.put(org.b.a.v.b.sha1WithRSA, "SHA1WITHRSA");
        oids.put(org.b.a.v.b.dsaWithSHA1, "SHA1WITHDSA");
        oids.put(org.b.a.s.b.dsa_with_sha224, "SHA224WITHDSA");
        oids.put(org.b.a.s.b.dsa_with_sha256, "SHA256WITHDSA");
        keyAlgorithms.put(t.rsaEncryption, "RSA");
        keyAlgorithms.put(am.id_dsa, "DSA");
        noParams.add(am.ecdsa_with_SHA1);
        noParams.add(am.ecdsa_with_SHA224);
        noParams.add(am.ecdsa_with_SHA256);
        noParams.add(am.ecdsa_with_SHA384);
        noParams.add(am.ecdsa_with_SHA512);
        noParams.add(am.id_dsa_with_sha1);
        noParams.add(org.b.a.s.b.dsa_with_sha224);
        noParams.add(org.b.a.s.b.dsa_with_sha256);
        noParams.add(org.b.a.f.a.gostR3411_94_with_gostR3410_94);
        noParams.add(org.b.a.f.a.gostR3411_94_with_gostR3410_2001);
        params.put("SHA1WITHRSAANDMGF1", creatPSSParams(new org.b.a.ae.b(org.b.a.v.b.idSHA1, bm.INSTANCE), 20));
        params.put("SHA224WITHRSAANDMGF1", creatPSSParams(new org.b.a.ae.b(org.b.a.s.b.id_sha224, bm.INSTANCE), 28));
        params.put("SHA256WITHRSAANDMGF1", creatPSSParams(new org.b.a.ae.b(org.b.a.s.b.id_sha256, bm.INSTANCE), 32));
        params.put("SHA384WITHRSAANDMGF1", creatPSSParams(new org.b.a.ae.b(org.b.a.s.b.id_sha384, bm.INSTANCE), 48));
        params.put("SHA512WITHRSAANDMGF1", creatPSSParams(new org.b.a.ae.b(org.b.a.s.b.id_sha512, bm.INSTANCE), 64));
    }

    public f(String str, X500Principal x500Principal, PublicKey publicKey, x xVar, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, convertName(x500Principal), publicKey, xVar, privateKey, org.b.e.d.b.PROVIDER_NAME);
    }

    public f(String str, X500Principal x500Principal, PublicKey publicKey, x xVar, PrivateKey privateKey, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, convertName(x500Principal), publicKey, xVar, privateKey, str2);
    }

    public f(String str, bt btVar, PublicKey publicKey, x xVar, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, btVar, publicKey, xVar, privateKey, org.b.e.d.b.PROVIDER_NAME);
    }

    public f(String str, bt btVar, PublicKey publicKey, x xVar, PrivateKey privateKey, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        o oVar;
        String upperCase = r.toUpperCase(str);
        o oVar2 = (o) algorithms.get(upperCase);
        if (oVar2 == null) {
            try {
                oVar = new o(upperCase);
            } catch (Exception e) {
                throw new IllegalArgumentException("Unknown signature type requested");
            }
        } else {
            oVar = oVar2;
        }
        if (btVar == null) {
            throw new IllegalArgumentException("subject must not be null");
        }
        if (publicKey == null) {
            throw new IllegalArgumentException("public key must not be null");
        }
        if (noParams.contains(oVar)) {
            this.sigAlgId = new org.b.a.ae.b(oVar);
        } else if (params.containsKey(upperCase)) {
            this.sigAlgId = new org.b.a.ae.b(oVar, (org.b.a.d) params.get(upperCase));
        } else {
            this.sigAlgId = new org.b.a.ae.b(oVar, bm.INSTANCE);
        }
        try {
            this.reqInfo = new org.b.a.w.f(btVar, new az((u) org.b.a.t.fromByteArray(publicKey.getEncoded())), xVar);
            Signature signature = str2 == null ? Signature.getInstance(str) : Signature.getInstance(str, str2);
            signature.initSign(privateKey);
            try {
                signature.update(this.reqInfo.getEncoded(org.b.a.f.DER));
                this.sigBits = new ba(signature.sign());
            } catch (Exception e2) {
                throw new IllegalArgumentException("exception encoding TBS cert request - " + e2);
            }
        } catch (IOException e3) {
            throw new IllegalArgumentException("can't encode public key");
        }
    }

    public f(u uVar) {
        super(uVar);
    }

    public f(byte[] bArr) {
        super(toDERSequence(bArr));
    }

    private static bt convertName(X500Principal x500Principal) {
        try {
            return new k(x500Principal.getEncoded());
        } catch (IOException e) {
            throw new IllegalArgumentException("can't convert name");
        }
    }

    private static ab creatPSSParams(org.b.a.ae.b bVar, int i) {
        return new ab(bVar, new org.b.a.ae.b(t.id_mgf1, bVar), new l(i), new l(1L));
    }

    private static String getDigestAlgName(o oVar) {
        return t.md5.equals(oVar) ? "MD5" : org.b.a.v.b.idSHA1.equals(oVar) ? "SHA1" : org.b.a.s.b.id_sha224.equals(oVar) ? "SHA224" : org.b.a.s.b.id_sha256.equals(oVar) ? org.b.g.c.b.e.DEFAULT_MD : org.b.a.s.b.id_sha384.equals(oVar) ? "SHA384" : org.b.a.s.b.id_sha512.equals(oVar) ? "SHA512" : p.ripemd128.equals(oVar) ? "RIPEMD128" : p.ripemd160.equals(oVar) ? "RIPEMD160" : p.ripemd256.equals(oVar) ? "RIPEMD256" : org.b.a.f.a.gostR3411.equals(oVar) ? "GOST3411" : oVar.getId();
    }

    static String getSignatureName(org.b.a.ae.b bVar) {
        org.b.a.d parameters = bVar.getParameters();
        if (parameters == null || bm.INSTANCE.equals(parameters) || !bVar.getObjectId().equals(t.id_RSASSA_PSS)) {
            return bVar.getObjectId().getId();
        }
        return getDigestAlgName(ab.getInstance(parameters).getHashAlgorithm().getObjectId()) + "withRSAandMGF1";
    }

    private void setSignatureParameters(Signature signature, org.b.a.d dVar) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        if (dVar == null || bm.INSTANCE.equals(dVar)) {
            return;
        }
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
        try {
            algorithmParameters.init(dVar.toASN1Primitive().getEncoded(org.b.a.f.DER));
            if (signature.getAlgorithm().endsWith("MGF1")) {
                try {
                    signature.setParameter(algorithmParameters.getParameterSpec(PSSParameterSpec.class));
                } catch (GeneralSecurityException e) {
                    throw new SignatureException("Exception extracting parameters: " + e.getMessage());
                }
            }
        } catch (IOException e2) {
            throw new SignatureException("IOException decoding parameters: " + e2.getMessage());
        }
    }

    private static u toDERSequence(byte[] bArr) {
        try {
            return (u) new org.b.a.k(bArr).readObject();
        } catch (Exception e) {
            throw new IllegalArgumentException("badly encoded request");
        }
    }

    @Override // org.b.a.n, org.b.h.d
    public byte[] getEncoded() {
        try {
            return getEncoded(org.b.a.f.DER);
        } catch (IOException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public PublicKey getPublicKey() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        return getPublicKey(org.b.e.d.b.PROVIDER_NAME);
    }

    public PublicKey getPublicKey(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        az subjectPublicKeyInfo = this.reqInfo.getSubjectPublicKeyInfo();
        try {
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(new ba(subjectPublicKeyInfo).getBytes());
            org.b.a.ae.b algorithm = subjectPublicKeyInfo.getAlgorithm();
            try {
                return str == null ? KeyFactory.getInstance(algorithm.getAlgorithm().getId()).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(algorithm.getAlgorithm().getId(), str).generatePublic(x509EncodedKeySpec);
            } catch (NoSuchAlgorithmException e) {
                if (keyAlgorithms.get(algorithm.getObjectId()) == null) {
                    throw e;
                }
                String str2 = (String) keyAlgorithms.get(algorithm.getObjectId());
                return str == null ? KeyFactory.getInstance(str2).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(str2, str).generatePublic(x509EncodedKeySpec);
            }
        } catch (IOException e2) {
            throw new InvalidKeyException("error decoding public key");
        } catch (InvalidKeySpecException e3) {
            throw new InvalidKeyException("error decoding public key");
        }
    }

    public boolean verify() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return verify(org.b.e.d.b.PROVIDER_NAME);
    }

    public boolean verify(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return verify(getPublicKey(str), str);
    }

    public boolean verify(PublicKey publicKey, String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        Signature signature;
        try {
            signature = str == null ? Signature.getInstance(getSignatureName(this.sigAlgId)) : Signature.getInstance(getSignatureName(this.sigAlgId), str);
        } catch (NoSuchAlgorithmException e) {
            if (oids.get(this.sigAlgId.getObjectId()) == null) {
                throw e;
            }
            String str2 = (String) oids.get(this.sigAlgId.getObjectId());
            signature = str == null ? Signature.getInstance(str2) : Signature.getInstance(str2, str);
        }
        setSignatureParameters(signature, this.sigAlgId.getParameters());
        signature.initVerify(publicKey);
        try {
            signature.update(this.reqInfo.getEncoded(org.b.a.f.DER));
            return signature.verify(this.sigBits.getBytes());
        } catch (Exception e2) {
            throw new SignatureException("exception encoding TBS cert request - " + e2);
        }
    }
}
