package org.bouncycastle.tls.crypto.impl.jcajce;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.tls.SignatureAndHashAlgorithm;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsUtils;
import org.bouncycastle.tls.crypto.TlsSigner;

/* loaded from: classes4.dex */
public class JcaTlsRSASigner implements TlsSigner {

    /* renamed from: a, reason: collision with root package name */
    public final JcaTlsCrypto f23648a;
    public final PrivateKey b;

    /* renamed from: c, reason: collision with root package name */
    public final PublicKey f23649c;

    /* renamed from: d, reason: collision with root package name */
    public Signature f23650d = null;

    public JcaTlsRSASigner(JcaTlsCrypto jcaTlsCrypto, PrivateKey privateKey, PublicKey publicKey) {
        if (jcaTlsCrypto == null) {
            throw new NullPointerException("crypto");
        }
        if (privateKey == null) {
            throw new NullPointerException("privateKey");
        }
        this.f23648a = jcaTlsCrypto;
        this.b = privateKey;
        this.f23649c = publicKey;
    }

    @Override // org.bouncycastle.tls.crypto.TlsSigner
    public final byte[] a(SignatureAndHashAlgorithm signatureAndHashAlgorithm, byte[] bArr) throws IOException {
        try {
            try {
                if (this.f23650d == null) {
                    JcaTlsCrypto jcaTlsCrypto = this.f23648a;
                    Signature d9 = jcaTlsCrypto.f23619a.d("NoneWithRSA");
                    this.f23650d = d9;
                    d9.initSign(this.b, jcaTlsCrypto.b);
                }
                Signature signature = this.f23650d;
                if (signatureAndHashAlgorithm != null) {
                    if (signatureAndHashAlgorithm.b != 1) {
                        throw new IllegalStateException("Invalid algorithm: " + signatureAndHashAlgorithm);
                    }
                    bArr = new DigestInfo(new AlgorithmIdentifier(TlsUtils.G(signatureAndHashAlgorithm.f23502a), DERNull.f22630d), bArr).getEncoded();
                }
                signature.update(bArr, 0, bArr.length);
                byte[] sign = signature.sign();
                signature.initVerify(this.f23649c);
                signature.update(bArr, 0, bArr.length);
                boolean verify = signature.verify(sign);
                this.f23650d = null;
                if (verify) {
                    return sign;
                }
                throw new TlsFatalAlert((short) 80, null, null);
            } catch (GeneralSecurityException e) {
                throw new TlsFatalAlert((short) 80, null, e);
            }
        } catch (Throwable th) {
            this.f23650d = null;
            throw th;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:16:0x003d, code lost:
    
        if ("SunMSCAPI".equals(r5.getName()) != false) goto L20;
     */
    @Override // org.bouncycastle.tls.crypto.TlsSigner
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final org.bouncycastle.tls.crypto.TlsStreamSigner b(org.bouncycastle.tls.SignatureAndHashAlgorithm r9) throws java.io.IOException {
        /*
            r8 = this;
            java.security.PrivateKey r0 = r8.b
            org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto r1 = r8.f23648a
            r2 = 0
            if (r9 == 0) goto L6d
            short r3 = r9.b
            r4 = 1
            if (r4 != r3) goto L6d
            java.lang.String r3 = "SunMSCAPI"
            java.security.Provider r5 = java.security.Security.getProvider(r3)
            r6 = 0
            if (r5 == 0) goto L17
            r5 = r4
            goto L18
        L17:
            r5 = r6
        L18:
            if (r5 == 0) goto L6d
            java.security.Signature r5 = r8.f23650d     // Catch: java.security.GeneralSecurityException -> L41
            if (r5 != 0) goto L2d
            org.bouncycastle.jcajce.util.JcaJceHelper r5 = r1.f23619a     // Catch: java.security.GeneralSecurityException -> L41
            java.lang.String r7 = "NoneWithRSA"
            java.security.Signature r5 = r5.d(r7)     // Catch: java.security.GeneralSecurityException -> L41
            r8.f23650d = r5     // Catch: java.security.GeneralSecurityException -> L41
            java.security.SecureRandom r7 = r1.b     // Catch: java.security.GeneralSecurityException -> L41
            r5.initSign(r0, r7)     // Catch: java.security.GeneralSecurityException -> L41
        L2d:
            java.security.Signature r5 = r8.f23650d     // Catch: java.security.GeneralSecurityException -> L41
            java.security.Provider r5 = r5.getProvider()     // Catch: java.security.GeneralSecurityException -> L41
            if (r5 == 0) goto L40
            java.lang.String r5 = r5.getName()     // Catch: java.security.GeneralSecurityException -> L41
            boolean r3 = r3.equals(r5)     // Catch: java.security.GeneralSecurityException -> L41
            if (r3 == 0) goto L40
            goto L41
        L40:
            r4 = r6
        L41:
            if (r4 == 0) goto L6d
            java.security.PublicKey r3 = r8.f23649c
            r1.getClass()
            java.lang.String r9 = org.bouncycastle.tls.crypto.impl.jcajce.JcaUtils.a(r9)
            org.bouncycastle.jcajce.util.JcaJceHelper r4 = r1.f23619a
            java.security.Signature r5 = r4.d(r9)     // Catch: java.security.GeneralSecurityException -> L64
            java.security.Signature r9 = r4.d(r9)     // Catch: java.security.GeneralSecurityException -> L64
            java.security.SecureRandom r1 = r1.b     // Catch: java.security.GeneralSecurityException -> L64
            r5.initSign(r0, r1)     // Catch: java.security.GeneralSecurityException -> L64
            r9.initVerify(r3)     // Catch: java.security.GeneralSecurityException -> L64
            org.bouncycastle.tls.crypto.impl.jcajce.JcaVerifyingStreamSigner r0 = new org.bouncycastle.tls.crypto.impl.jcajce.JcaVerifyingStreamSigner     // Catch: java.security.GeneralSecurityException -> L64
            r0.<init>(r5, r9)     // Catch: java.security.GeneralSecurityException -> L64
            return r0
        L64:
            r9 = move-exception
            org.bouncycastle.tls.TlsFatalAlert r0 = new org.bouncycastle.tls.TlsFatalAlert
            r1 = 80
            r0.<init>(r1, r2, r9)
            throw r0
        L6d:
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsRSASigner.b(org.bouncycastle.tls.SignatureAndHashAlgorithm):org.bouncycastle.tls.crypto.TlsStreamSigner");
    }
}
