package com.rsa.certj.cert;

import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN1Lengths;
import com.rsa.asn1.ASN1Template;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.BitStringContainer;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.IntegerContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.certj.CertJ;
import com.rsa.certj.CertJUtils;
import com.rsa.certj.cert.attributes.X501Attribute;
import com.rsa.certj.core.config.CertJConfiguration;
import com.rsa.certj.internal.CertificateUtil;
import com.rsa.jsafe.JSAFE_PrivateKey;
import java.security.SecureRandom;
import java.util.Arrays;

/* loaded from: input_file:com/rsa/certj/cert/PKCS10CertRequest.class */
public class PKCS10CertRequest extends CertRequest {
    public static final int PKCS10_VERSION_1 = 0;
    private byte[] requestInfo;
    private byte[] requestInfoDER;
    private int requestInfoDERLen;
    private int theVersion;
    private X500Name subjectName;
    private X501Attributes theAttributes;
    private ASN1Template asn1Template;
    protected int special;
    private ASN1Template asn1TemplateInfo;
    protected int infoSpecial;

    public PKCS10CertRequest() {
        this.theVersion = 0;
    }

    public PKCS10CertRequest(CertJ certJ) {
        this.theVersion = 0;
        setCertJ(certJ);
    }

    public PKCS10CertRequest(byte[] bArr, int i, int i2) throws CertificateException {
        this(bArr, i, i2, null);
    }

    public PKCS10CertRequest(byte[] bArr, int i, int i2, CertJ certJ) throws CertificateException {
        this.theVersion = 0;
        if (bArr == null) {
            throw new CertificateException("Encoding is null.");
        }
        setCertRequestBER(bArr, i, i2);
        setCertJ(certJ);
    }

    public static int getNextBEROffset(byte[] bArr, int i) throws CertificateException {
        if (bArr == null) {
            throw new CertificateException("Encoding is null.");
        }
        try {
            return i + 1 + ASN1Lengths.determineLengthLen(bArr, i + 1) + ASN1Lengths.determineLength(bArr, i + 1);
        } catch (ASN_Exception e) {
            throw new CertificateException("Could not read the BER encoding.");
        }
    }

    private void setCertRequestBER(byte[] bArr, int i, int i2) throws CertificateException {
        if (bArr == null) {
            throw new CertificateException("Encoding is null");
        }
        clearComponents();
        ASN1Container[] decodeRequest = decodeRequest(bArr, i, i2);
        this.requestInfo = new byte[decodeRequest[1].dataLen];
        System.arraycopy(decodeRequest[1].data, decodeRequest[1].dataOffset, this.requestInfo, 0, decodeRequest[1].dataLen);
        setCertRequestInfo(decodeRequest[1].data, decodeRequest[1].dataOffset, 0);
        this.signatureAlgorithmBER = new byte[decodeRequest[2].dataLen];
        System.arraycopy(decodeRequest[2].data, decodeRequest[2].dataOffset, this.signatureAlgorithmBER, 0, decodeRequest[2].dataLen);
        this.signature = new byte[decodeRequest[3].dataLen];
        System.arraycopy(decodeRequest[3].data, decodeRequest[3].dataOffset, this.signature, 0, decodeRequest[3].dataLen);
    }

    protected static ASN1Container[] decodeRequest(byte[] bArr, int i, int i2) throws CertificateException {
        if (bArr == null) {
            throw new CertificateException("Encoding is null.");
        }
        ASN1Container[] aSN1ContainerArr = {new SequenceContainer(i2), new EncodedContainer(12288), new EncodedContainer(12288), new EncodedContainer(768), new EndContainer()};
        try {
            ASN1.berDecode(bArr, i, aSN1ContainerArr);
            return aSN1ContainerArr;
        } catch (ASN_Exception e) {
            throw new CertificateException("Could not BER decode the request.");
        }
    }

    public int getDERLen(int i) {
        return encodeInit(i);
    }

    private int encodeInit(int i) {
        this.special = i;
        if (!this.signedByUs) {
            return 0;
        }
        if (this.requestInfoDER == null) {
            this.requestInfoDERLen = getCertRequestInfoDERLen(i);
        }
        if (this.requestInfoDERLen == 0 || this.signature == null || this.signatureAlgorithmBER == null) {
            return 0;
        }
        try {
            this.asn1Template = new ASN1Template(new ASN1Container[]{new SequenceContainer(i, true, 0), new EncodedContainer(12288, true, 0, (byte[]) null, 0, this.requestInfoDERLen), new EncodedContainer(12288, true, 0, (byte[]) null, 0, this.signatureAlgorithmBER.length), new EncodedContainer(768, true, 0, (byte[]) null, 0, this.signature.length), new EndContainer()});
            return this.asn1Template.derEncodeInit();
        } catch (ASN_Exception e) {
            return 0;
        }
    }

    public int getDEREncoding(byte[] bArr, int i, int i2) throws CertificateException {
        int i3;
        if (bArr == null) {
            throw new CertificateException("Specified array is null.");
        }
        if (!this.signedByUs) {
            throw new CertificateException("Could not encode, missing data.");
        }
        try {
            if (this.asn1Template == null || i2 != this.special) {
                encodeInit(i2);
            }
            int derEncode = 0 + this.asn1Template.derEncode(bArr, i);
            this.asn1Template = null;
            if (this.requestInfoDER == null || this.requestInfoDERLen == 0 || this.infoSpecial != 0) {
                int certRequestInfoDEREncoding = getCertRequestInfoDEREncoding(bArr, i + derEncode, 0);
                if (certRequestInfoDEREncoding == 0) {
                    throw new CertificateException("Could not encode, missing data.");
                }
                i3 = derEncode + certRequestInfoDEREncoding;
            } else {
                System.arraycopy(this.requestInfoDER, 0, bArr, i + derEncode, this.requestInfoDERLen);
                i3 = derEncode + this.requestInfoDERLen;
            }
            System.arraycopy(this.signatureAlgorithmBER, 0, bArr, i + i3, this.signatureAlgorithmBER.length);
            int length = i3 + this.signatureAlgorithmBER.length;
            System.arraycopy(this.signature, 0, bArr, i + length, this.signature.length);
            return length + this.signature.length;
        } catch (ASN_Exception e) {
            this.asn1Template = null;
            throw new CertificateException("Could not encode: ", e);
        }
    }

    public void setCertRequestInfo(byte[] bArr, int i, int i2) throws CertificateException {
        if (bArr == null) {
            throw new CertificateException("Encoding is null.");
        }
        clearSignature();
        clearTemplate();
        ASN1Container sequenceContainer = new SequenceContainer(i2);
        ASN1Container endContainer = new EndContainer();
        ASN1Container integerContainer = new IntegerContainer(0);
        ASN1Container encodedContainer = new EncodedContainer(12288);
        ASN1Container encodedContainer2 = new EncodedContainer(12288);
        ASN1Container encodedContainer3 = new EncodedContainer(8401152);
        try {
            ASN1.berDecode(bArr, i, new ASN1Container[]{sequenceContainer, integerContainer, encodedContainer, encodedContainer2, encodedContainer3, endContainer});
            checkVersionNumber(-1, ((IntegerContainer) integerContainer).data, ((IntegerContainer) integerContainer).dataOffset, ((IntegerContainer) integerContainer).dataLen);
            try {
                this.subjectName = new X500Name(((EncodedContainer) encodedContainer).data, ((EncodedContainer) encodedContainer).dataOffset, 0);
                setSubjectPublicKey(((EncodedContainer) encodedContainer2).data, ((EncodedContainer) encodedContainer2).dataOffset);
                try {
                    this.theAttributes = new X501Attributes(((EncodedContainer) encodedContainer3).data, ((EncodedContainer) encodedContainer3).dataOffset, 8388608);
                } catch (AttributeException e) {
                    throw new CertificateException("Could not read the Attributes: ", e);
                }
            } catch (NameException e2) {
                throw new CertificateException("Could not read the SubjectName: ", e2);
            }
        } catch (ASN_Exception e3) {
            throw new CertificateException("Could not BER decode the request info.");
        }
    }

    protected void checkVersionNumber(int i, byte[] bArr, int i2, int i3) throws CertificateException {
        if (i == -1) {
            if (bArr == null || i3 > 4) {
                throw new CertificateException("Invalid PKCS #10 Cert Request version.");
            }
            i = 0;
            for (int i4 = i2; i4 < i2 + i3; i4++) {
                i = (i << 8) | (bArr[i2] & 255);
            }
        }
        if (i != 0) {
            throw new CertificateException("Invalid PKCS #10 Cert Request version.");
        }
    }

    public int getCertRequestInfoDERLen(int i) {
        return infoEncodeInit(i);
    }

    private int infoEncodeInit(int i) {
        this.infoSpecial = i;
        if (this.subjectPublicKeyInfo == null || this.subjectName == null) {
            return 0;
        }
        int dERLen = this.subjectName.getDERLen(0);
        int i2 = 2;
        if (this.theAttributes != null) {
            i2 = this.theAttributes.getDERLen(8388608);
        }
        try {
            this.asn1TemplateInfo = new ASN1Template(new ASN1Container[]{new SequenceContainer(i, true, 0), new IntegerContainer(0, true, 0, this.theVersion), new EncodedContainer(12288, true, 0, (byte[]) null, 0, dERLen), new EncodedContainer(12288, true, 0, (byte[]) null, 0, this.subjectPublicKeyInfo.length), new EncodedContainer(8401152, true, 0, (byte[]) null, 0, i2), new EndContainer()});
            return this.asn1TemplateInfo.derEncodeInit();
        } catch (ASN_Exception e) {
            return 0;
        }
    }

    public int getCertRequestInfoDEREncoding(byte[] bArr, int i, int i2) throws CertificateException {
        int dEREncoding;
        if (bArr == null) {
            throw new CertificateException("Specified array is null.");
        }
        if ((this.asn1TemplateInfo == null || i2 != this.infoSpecial) && infoEncodeInit(i2) == 0) {
            throw new CertificateException("Could not encode, missing data.");
        }
        try {
            int derEncode = 0 + this.asn1TemplateInfo.derEncode(bArr, i);
            this.asn1TemplateInfo = null;
            try {
                int dEREncoding2 = derEncode + this.subjectName.getDEREncoding(bArr, i + derEncode, 0);
                System.arraycopy(this.subjectPublicKeyInfo, 0, bArr, i + dEREncoding2, this.subjectPublicKeyInfo.length);
                int length = dEREncoding2 + this.subjectPublicKeyInfo.length;
                if (this.theAttributes == null) {
                    int i3 = i + length;
                    bArr[i3] = -96;
                    bArr[i3 + 1] = 0;
                    dEREncoding = length + 2;
                } else {
                    try {
                        dEREncoding = length + this.theAttributes.getDEREncoding(bArr, i + length, 8388608);
                    } catch (AttributeException e) {
                        throw new CertificateException("Could not encode CertRequest: ", e);
                    }
                }
                return dEREncoding;
            } catch (NameException e2) {
                throw new CertificateException("Cannot build Cert Request Info: ", e2);
            }
        } catch (ASN_Exception e3) {
            this.asn1TemplateInfo = null;
            throw new CertificateException("Could not encode Cert Request: ", e3);
        }
    }

    @Override // com.rsa.certj.cert.CertRequest
    public byte[] getSignature() throws CertificateException {
        if (this.signature == null) {
            throw new CertificateException("Object not signed.");
        }
        ASN1Container bitStringContainer = new BitStringContainer(0);
        try {
            ASN1.berDecode(this.signature, 0, new ASN1Container[]{bitStringContainer});
            byte[] bArr = new byte[((BitStringContainer) bitStringContainer).dataLen];
            System.arraycopy(((BitStringContainer) bitStringContainer).data, ((BitStringContainer) bitStringContainer).dataOffset, bArr, 0, ((BitStringContainer) bitStringContainer).dataLen);
            return bArr;
        } catch (ASN_Exception e) {
            throw new CertificateException("Cannot extract the signature.");
        }
    }

    public void setVersion(int i) throws CertificateException {
        clearSignature();
        clearTemplate();
        checkVersionNumber(i, null, 0, 0);
    }

    public int getVersion() {
        return this.theVersion;
    }

    public void setSubjectName(X500Name x500Name) throws CertificateException {
        setSubjectName(x500Name, CertJConfiguration.isAutoGenSerialNumEnabled());
    }

    public void setSubjectName(X500Name x500Name, boolean z) throws CertificateException {
        clearSignature();
        clearTemplate();
        if (x500Name == null) {
            throw new CertificateException("Cannot set the cert with the given subjectName.");
        }
        try {
            this.subjectName = (X500Name) x500Name.clone();
            if (z) {
                CertificateUtil.checkSerialNumber(this.subjectName);
            }
        } catch (CloneNotSupportedException e) {
            throw new CertificateException("Cannot set the cert with the given subjectName.");
        }
    }

    public X500Name getSubjectName() {
        if (this.subjectName == null) {
            return null;
        }
        try {
            return (X500Name) this.subjectName.clone();
        } catch (CloneNotSupportedException e) {
            return null;
        }
    }

    public void addAttribute(X501Attribute x501Attribute) {
        if (x501Attribute != null) {
            if (this.theAttributes == null) {
                this.theAttributes = new X501Attributes();
            }
            this.theAttributes.addAttribute(x501Attribute);
        }
    }

    public void setAttributes(X501Attributes x501Attributes) throws CertificateException {
        clearSignature();
        clearTemplate();
        try {
            if (x501Attributes != null) {
                this.theAttributes = (X501Attributes) x501Attributes.clone();
            } else {
                this.theAttributes = null;
            }
        } catch (CloneNotSupportedException e) {
            throw new CertificateException("Could not set the request object with the given attributes.");
        }
    }

    public X501Attributes getAttributes() {
        if (this.theAttributes == null) {
            return null;
        }
        try {
            return (X501Attributes) this.theAttributes.clone();
        } catch (CloneNotSupportedException e) {
            return null;
        }
    }

    @Override // com.rsa.certj.cert.CertRequest
    public void signCertRequest(String str, String str2, JSAFE_PrivateKey jSAFE_PrivateKey, SecureRandom secureRandom) throws CertificateException {
        if (str == null || str2 == null || jSAFE_PrivateKey == null) {
            throw new CertificateException("Specified values are null.");
        }
        clearSignature();
        if (this.requestInfoDER == null) {
            this.requestInfoDERLen = getCertRequestInfoDERLen(0);
            this.requestInfoDER = new byte[this.requestInfoDERLen];
            this.requestInfoDERLen = getCertRequestInfoDEREncoding(this.requestInfoDER, 0, 0);
        }
        byte[] performSignature = performSignature(str, str2, jSAFE_PrivateKey, secureRandom, this.requestInfoDER, 0, this.requestInfoDERLen);
        try {
            this.signature = ASN1.derEncode(new ASN1Container[]{new BitStringContainer(0, true, 0, performSignature, 0, performSignature.length, performSignature.length * 8, false)});
        } catch (ASN_Exception e) {
            clearSignature();
            throw new CertificateException("Cannot sign the cert as presently set.");
        }
    }

    @Override // com.rsa.certj.cert.CertRequest
    public boolean verifyCertRequestSignature(String str, SecureRandom secureRandom) throws CertificateException {
        if (str == null) {
            throw new CertificateException("Specified values are null.");
        }
        if (this.requestInfo == null) {
            if (this.requestInfoDER == null) {
                throw new CertificateException("Cannot verify the signature, not all components are set.");
            }
            this.requestInfo = new byte[this.requestInfoDERLen];
            System.arraycopy(this.requestInfoDER, 0, this.requestInfo, 0, this.requestInfoDERLen);
        }
        if (this.signature == null || this.signatureAlgorithmBER == null) {
            throw new CertificateException("Cannot verify the signature, not all components are set.");
        }
        byte[] signature = getSignature();
        return performSignatureVerification(str, secureRandom, this.requestInfo, 0, this.requestInfo.length, signature, 0, signature.length);
    }

    protected void clearTemplate() {
        this.asn1Template = null;
        this.asn1TemplateInfo = null;
        this.requestInfoDER = null;
        this.requestInfoDERLen = 0;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.rsa.certj.cert.CertRequest
    public void clearComponents() {
        super.clearComponents();
        clearTemplate();
        this.requestInfo = null;
        this.theVersion = 0;
        this.subjectName = null;
        this.theAttributes = null;
    }

    public boolean equals(Object obj) {
        int dERLen;
        if (!(obj instanceof PKCS10CertRequest) || (dERLen = getDERLen(0)) == 0) {
            return false;
        }
        byte[] bArr = new byte[dERLen];
        try {
            getDEREncoding(bArr, 0, 0);
            PKCS10CertRequest pKCS10CertRequest = (PKCS10CertRequest) obj;
            if (pKCS10CertRequest.getDERLen(0) == 0) {
                return false;
            }
            byte[] bArr2 = new byte[dERLen];
            try {
                pKCS10CertRequest.getDEREncoding(bArr2, 0, 0);
                return CertJUtils.byteArraysEqual(bArr, bArr2);
            } catch (CertificateException e) {
                return false;
            }
        } catch (CertificateException e2) {
            return false;
        }
    }

    public int hashCode() {
        int dERLen = getDERLen(0);
        if (dERLen == 0) {
            return 0;
        }
        byte[] bArr = new byte[dERLen];
        try {
            getDEREncoding(bArr, 0, 0);
            return Arrays.hashCode(bArr);
        } catch (CertificateException e) {
            return 0;
        }
    }
}
