package com.rsa.cryptoj.o;

import com.rsa.jsafe.cert.Attribute;
import com.rsa.jsafe.cert.CertRequest;
import com.rsa.jsafe.cert.CertRequestException;
import com.rsa.jsafe.cert.ObjectID;
import com.rsa.jsafe.cert.ValidateParameters;
import com.rsa.jsafe.cert.ValidationFailedException;
import com.rsa.jsafe.cert.X509ExtensionRequestSpec;
import com.rsa.jsafe.cert.pkcs10.PKCS10ParameterSpec;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
public class rv implements CertRequest {

    /* renamed from: a, reason: collision with root package name */
    private static final int f22347a = 0;

    /* renamed from: b, reason: collision with root package name */
    private final ch f22348b;

    /* renamed from: c, reason: collision with root package name */
    private SecureRandom f22349c;

    /* renamed from: d, reason: collision with root package name */
    private byte[] f22350d;

    /* renamed from: e, reason: collision with root package name */
    private byte[] f22351e;

    /* renamed from: f, reason: collision with root package name */
    private X500Principal f22352f;

    /* renamed from: g, reason: collision with root package name */
    private qb f22353g;

    /* renamed from: h, reason: collision with root package name */
    private ow f22354h;

    /* renamed from: i, reason: collision with root package name */
    private byte[] f22355i;

    /* renamed from: j, reason: collision with root package name */
    private X509ExtensionRequestSpec f22356j;

    /* renamed from: k, reason: collision with root package name */
    private String f22357k;

    /* renamed from: l, reason: collision with root package name */
    private List<Attribute> f22358l;

    public rv(ch chVar, PKCS10ParameterSpec pKCS10ParameterSpec, PrivateKey privateKey) throws CertRequestException {
        this(chVar, pKCS10ParameterSpec, privateKey, null);
    }

    public rv(ch chVar, PKCS10ParameterSpec pKCS10ParameterSpec, PrivateKey privateKey, SecureRandom secureRandom) throws CertRequestException {
        this.f22348b = chVar;
        c(pKCS10ParameterSpec);
        b(pKCS10ParameterSpec);
        a(secureRandom);
        a(pKCS10ParameterSpec);
        this.f22356j = pKCS10ParameterSpec.getExtensions();
        this.f22357k = pKCS10ParameterSpec.getChallengePassword();
        a(privateKey);
    }

    public rv(ch chVar, ByteBuffer byteBuffer) throws CertRequestException {
        this.f22348b = chVar;
        byte[] bArr = new byte[byteBuffer.remaining()];
        this.f22350d = bArr;
        byteBuffer.get(bArr);
        byteBuffer.rewind();
        a.c(byteBuffer);
        ByteBuffer a10 = a.a(byteBuffer);
        byte[] bArr2 = new byte[a10.remaining()];
        this.f22351e = bArr2;
        a10.get(bArr2);
        a();
    }

    private void a() throws CertRequestException {
        d a10 = a.a("CertificationRequest", this.f22350d, 0);
        d a11 = a10.a(0);
        if (((v) a11.a(0)).i() != 0) {
            throw new CertRequestException("Unsupported PKCS #10 version.");
        }
        this.f22354h = new ow(a10.a(1));
        this.f22355i = ((k) a10.a(2)).g();
        try {
            this.f22352f = new X500Principal(a.c(a11.a(1)));
            try {
                this.f22353g = new qb(a11.a(2), this.f22348b, kf.f21323a);
                a(a11.a(3));
            } catch (GeneralSecurityException e10) {
                throw new CertRequestException("Request contains invalid public key: ", e10);
            }
        } catch (IllegalArgumentException e11) {
            throw new CertRequestException("Invalid subject name.", e11.getCause());
        }
    }

    private void a(d dVar) throws CertRequestException {
        int c10 = dVar.c();
        for (int i10 = 0; i10 < c10; i10++) {
            d a10 = dVar.a(i10);
            if (a10.a(0).equals(pj.E.c())) {
                b(a10.a(1));
            } else if (a10.a(0).equals(pj.F.c())) {
                c(a10.a(1));
            } else {
                if (this.f22358l == null) {
                    this.f22358l = new ArrayList();
                }
                try {
                    ox oxVar = new ox(dVar.a(i10), false);
                    this.f22358l.add(new Attribute(new ObjectID(oxVar.c().c().toString()), oxVar.b()));
                } catch (b unused) {
                    throw new CertRequestException("Invalid attribute value encountered.");
                }
            }
        }
    }

    private void a(PKCS10ParameterSpec pKCS10ParameterSpec) throws CertRequestException {
        pj b10 = pi.b(pKCS10ParameterSpec.getSignAlg());
        if (b10 == null) {
            throw new CertRequestException("Unsupported signing algorithm.");
        }
        this.f22354h = new ow(b10);
    }

    private void a(PrivateKey privateKey) throws CertRequestException {
        d b10 = b();
        this.f22351e = a.c(b10);
        b(privateKey);
        this.f22350d = a.c(a.a("CertificationRequest", new Object[]{b10, this.f22354h.a(), a.a((c) j.f21093a, (Object) this.f22355i)}));
    }

    private void a(SecureRandom secureRandom) {
        this.f22349c = secureRandom;
    }

    private d b() {
        return a.a("CertificationRequestInfo", new Object[]{0, a.a("Name", this.f22352f.getEncoded(), 0), a.a("SubjectPublicKeyInfo", this.f22353g.a().getEncoded(), 0), c()});
    }

    private void b(d dVar) throws CertRequestException {
        if (this.f22357k != null) {
            throw new CertRequestException("Request contained more than one challengePassword attribute.");
        }
        if (dVar.c() != 1) {
            throw new CertRequestException("PKCS #10 request contains invalid challengePassword, expected a single value.");
        }
        try {
            this.f22357k = a.a("DirectoryString", ((f) dVar.a(0)).i()).toString();
        } catch (b unused) {
            throw new CertRequestException("PKCS #10 request contains invalid challengePassword value");
        }
    }

    private void b(PKCS10ParameterSpec pKCS10ParameterSpec) throws CertRequestException {
        try {
            this.f22353g = new qb(pKCS10ParameterSpec.getPublicKey(), this.f22348b, kf.f21323a);
        } catch (NoSuchAlgorithmException e10) {
            throw new CertRequestException("Parameters contain invalid subject key.", e10);
        } catch (InvalidKeySpecException e11) {
            throw new CertRequestException("Parameters contain invalid subject key.", e11);
        }
    }

    private void b(PrivateKey privateKey) throws CertRequestException {
        try {
            os c10 = kj.c(this.f22354h.c(), this.f22348b, kf.f21323a);
            c10.initSign(privateKey, this.f22349c);
            c10.update(this.f22351e);
            this.f22355i = c10.sign();
        } catch (GeneralSecurityException e10) {
            throw new CertRequestException("Could not sign request with given private key.", e10);
        }
    }

    private Set<d> c() {
        HashSet hashSet = new HashSet();
        if (this.f22357k != null) {
            hashSet.add(e());
        }
        if (this.f22356j != null) {
            hashSet.add(d());
        }
        List<Attribute> list = this.f22358l;
        if (list != null && !list.isEmpty()) {
            Iterator<Attribute> it = this.f22358l.iterator();
            while (it.hasNext()) {
                hashSet.add(a.a("Attribute", it.next().getEncoded(), 0));
            }
        }
        return hashSet;
    }

    private void c(d dVar) throws CertRequestException {
        if (this.f22356j != null) {
            throw new CertRequestException("Request contained more than one extensionRequest attribute.");
        }
        if (dVar.c() != 1) {
            throw new CertRequestException("PKCS #10 request contains invalid extensionRequest, expected a single value.");
        }
        try {
            this.f22356j = pd.a(new ps(a.a("Extensions", ((f) dVar.a(0)).i()), 0));
        } catch (b unused) {
            throw new CertRequestException("PKCS #10 request contains invalid extensionRequest value");
        }
    }

    private void c(PKCS10ParameterSpec pKCS10ParameterSpec) {
        this.f22352f = (!pKCS10ParameterSpec.isSubjectSerialNumAutoGenEnabled() || px.a(pKCS10ParameterSpec.getSubject(), pj.f21965n)) ? pKCS10ParameterSpec.getSubject() : px.b(pKCS10ParameterSpec.getSubject());
    }

    private d d() {
        return a.a("Attribute", new Object[]{pj.F.c(), new Object[]{pd.a(this.f22356j)}});
    }

    private d e() {
        return a.a("Attribute", new Object[]{pj.E.c(), new Object[]{a.a(ag.f19998o, this.f22357k)}});
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public boolean equals(Object obj) {
        if (obj instanceof rv) {
            return Arrays.equals(this.f22350d, ((rv) obj).getEncoded());
        }
        return false;
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public byte[] getEncoded() {
        return dj.a(this.f22350d);
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public AlgorithmParameterSpec getParameters() {
        return this.f22358l != null ? this.f22357k != null ? this.f22356j != null ? new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false, this.f22356j, this.f22357k, this.f22358l) : new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false, this.f22357k, this.f22358l) : this.f22356j != null ? new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false, this.f22356j, this.f22358l) : new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false, this.f22358l) : this.f22357k != null ? this.f22356j != null ? new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false, this.f22356j, this.f22357k) : new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false, this.f22357k) : this.f22356j != null ? new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false, this.f22356j) : new PKCS10ParameterSpec(this.f22352f, this.f22353g.a(), this.f22354h.c(), false);
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public X500Principal getSubject() {
        return this.f22352f;
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public PublicKey getSubjectPublicKey() {
        return this.f22353g.a();
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public String getType() {
        return "PKCS10";
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public int hashCode() {
        return dn.a(7, this.f22350d);
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("PKCS10 Request: [");
        String str = dw.f20459a;
        stringBuffer.append(str);
        stringBuffer.append("Version: ");
        stringBuffer.append(0);
        stringBuffer.append(str);
        stringBuffer.append("Subject: ");
        stringBuffer.append(this.f22352f);
        stringBuffer.append(str);
        stringBuffer.append("SubjectPKInfo: ");
        stringBuffer.append(this.f22353g);
        stringBuffer.append(str);
        stringBuffer.append("Attributes: [");
        stringBuffer.append(str);
        if (this.f22357k != null) {
            stringBuffer.append(dw.f20460b);
            stringBuffer.append("ChallengePassword (");
            stringBuffer.append(pj.E.toString());
            stringBuffer.append("): ");
            stringBuffer.append(this.f22357k);
            stringBuffer.append(str);
        }
        if (this.f22356j != null) {
            stringBuffer.append(dw.f20460b);
            stringBuffer.append(this.f22356j);
        }
        List<Attribute> list = this.f22358l;
        if (list != null) {
            for (Attribute attribute : list) {
                stringBuffer.append(dw.f20460b);
                stringBuffer.append(attribute);
                stringBuffer.append(dw.f20459a);
            }
        }
        stringBuffer.append("]");
        stringBuffer.append(dw.f20459a);
        return stringBuffer.toString();
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public void validateRequest() throws NoSuchAlgorithmException, ValidationFailedException {
        String c10 = this.f22354h.c();
        if (c10 == null) {
            throw new NoSuchAlgorithmException("Signature algorithm specified in PKCS #10 is not supported.");
        }
        try {
            os c11 = kj.c(c10, this.f22348b, kf.f21323a);
            c11.initVerify(this.f22353g.a());
            c11.update(this.f22351e);
            if (c11.verify(this.f22355i)) {
            } else {
                throw new SignatureException("Certificate request validation failed!");
            }
        } catch (GeneralSecurityException e10) {
            throw new ValidationFailedException("Signature did not verify.", e10);
        }
    }

    @Override // com.rsa.jsafe.cert.CertRequest
    public void validateRequest(ValidateParameters validateParameters) {
        throw new UnsupportedOperationException("Validation parameters cannot be used for validating a PKCS #10 request.");
    }
}
