package com.phaos.cert;

import com.phaos.ASN1.ASN1BitString;
import com.phaos.ASN1.ASN1FormatException;
import com.phaos.ASN1.ASN1GenericConstructed;
import com.phaos.ASN1.ASN1Integer;
import com.phaos.ASN1.ASN1Object;
import com.phaos.ASN1.ASN1ObjectID;
import com.phaos.ASN1.ASN1Sequence;
import com.phaos.ASN1.ASN1SequenceInputStream;
import com.phaos.crypto.AlgorithmIdentifier;
import com.phaos.crypto.AlgorithmIdentifierException;
import com.phaos.crypto.AuthenticationException;
import com.phaos.crypto.InvalidKeyException;
import com.phaos.crypto.KeyPair;
import com.phaos.crypto.PrivateKey;
import com.phaos.crypto.PublicKey;
import com.phaos.crypto.RandomBitsSource;
import com.phaos.crypto.Signature;
import com.phaos.crypto.SignatureException;
import com.phaos.utils.CryptoUtils;
import com.phaos.utils.OutputGenerationException;
import com.phaos.utils.UnsyncByteArrayInputStream;
import com.phaos.utils.Utils;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Vector;

/* loaded from: input_file:com/phaos/cert/CertificateRequest.class */
public class CertificateRequest implements ASN1Object {
    private byte[] e;
    private ASN1Sequence f;
    private PublicKey g;
    private AlgorithmIdentifier h;
    private boolean i;
    private PrivateKey j;
    private ASN1Sequence k;
    private AttributeSet l;
    private X500Name m;

    public X509ExtensionSet setExtensions(X509ExtensionSet x509ExtensionSet) {
        Attribute addAttribute = addAttribute(PKIX.extensionRequest, x509ExtensionSet);
        if (addAttribute == null) {
            return null;
        }
        try {
            return new X509ExtensionSet(Utils.toStream((ASN1Object) addAttribute.getValues().elementAt(0)));
        } catch (IOException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public void setUseWrongFormat(boolean z) {
        this.i = z;
        d();
    }

    public X509ExtensionSet getExtensions() {
        Attribute attribute = getAttribute(PKIX.extensionRequest);
        if (attribute == null) {
            return null;
        }
        try {
            return new X509ExtensionSet(Utils.toStream((ASN1Object) attribute.getValues().elementAt(0)));
        } catch (IOException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public void setSigAlgID(AlgorithmIdentifier algorithmIdentifier) {
        this.h = algorithmIdentifier;
        d();
    }

    public void setPrivateKey(PrivateKey privateKey, AlgorithmIdentifier algorithmIdentifier) {
        this.j = privateKey;
        setSigAlgID(algorithmIdentifier);
    }

    public String toString() {
        return new StringBuffer().append("subject = ").append(this.m).append(", pubKey = ").append(this.g).toString();
    }

    ASN1Sequence a() throws SignatureException {
        if (this.f == null) {
            getSigBytes();
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            aSN1Sequence.addElement(this.k);
            aSN1Sequence.addElement(this.h);
            aSN1Sequence.addElement(new ASN1BitString(this.e));
            this.f = aSN1Sequence;
        }
        return this.f;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.g = publicKey;
        d();
    }

    public void setSubject(X500Name x500Name) {
        this.m = x500Name;
        d();
    }

    public X500Name getSubject() {
        return this.m;
    }

    public CertificateRequest(byte[] bArr) throws IOException {
        this(new UnsyncByteArrayInputStream(bArr));
    }

    public PublicKey getPublicKey() {
        return this.g;
    }

    public boolean getUseWrongFormat() {
        return this.i;
    }

    public CertificateRequest(X500Name x500Name, KeyPair keyPair, boolean z) {
        this.f = null;
        this.m = x500Name;
        this.g = keyPair.getPublic();
        this.j = keyPair.getPrivate();
        this.i = z;
    }

    public void sign(RandomBitsSource randomBitsSource) throws SignatureException {
        c();
        try {
            Signature signature = Signature.getInstance(this.j);
            if (this.h != null) {
                signature.setAlgID(this.h);
            } else {
                this.h = signature.getAlgID();
            }
            signature.setRandomBitsSource(randomBitsSource);
            signature.setDocument(Utils.toBytes(this.k));
            this.e = signature.sign();
            b();
        } catch (AlgorithmIdentifierException e) {
            throw new SignatureException(e.toString());
        }
    }

    public Attribute getAttribute(ASN1ObjectID aSN1ObjectID) {
        if (this.l != null) {
            return this.l.getAttribute(aSN1ObjectID);
        }
        return null;
    }

    public void setPrivateKey(PrivateKey privateKey) {
        setPrivateKey(privateKey, null);
    }

    private void b() {
        this.f = null;
    }

    public AttributeSet getAttributes() {
        return this.l;
    }

    @Override // com.phaos.utils.Streamable
    public void input(InputStream inputStream) throws IOException {
        d();
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(inputStream);
        this.k = new ASN1Sequence(aSN1SequenceInputStream);
        this.h = new AlgorithmIdentifier(aSN1SequenceInputStream);
        this.e = ASN1BitString.inputValue(aSN1SequenceInputStream);
        aSN1SequenceInputStream.terminate();
        ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(Utils.toStream(this.k));
        int intValue = ASN1Integer.inputValue(aSN1SequenceInputStream2).intValue();
        if (intValue != 0) {
            throw new ASN1FormatException(new StringBuffer().append("Expected version 0, got ").append(intValue).toString());
        }
        this.m = new X500Name(aSN1SequenceInputStream2);
        this.g = CryptoUtils.inputSPKI(aSN1SequenceInputStream2);
        if (aSN1SequenceInputStream2.hasMoreData()) {
            if (aSN1SequenceInputStream2.getCurrentTag() != 0) {
                throw new ASN1FormatException(new StringBuffer().append("Expected tag 0, got ").append(aSN1SequenceInputStream2.getCurrentTag()).toString());
            }
            aSN1SequenceInputStream2.setCurrentTag(17);
            this.l = new AttributeSet(aSN1SequenceInputStream2);
        }
        aSN1SequenceInputStream2.terminate();
        try {
            verifySignature();
        } catch (AuthenticationException e) {
            throw new IOException(e.toString());
        }
    }

    private ASN1Sequence c() {
        if (this.k == null) {
            this.k = new ASN1Sequence();
            this.k.addElement(new ASN1Integer(0L));
            this.k.addElement(this.m);
            this.k.addElement(CryptoUtils.subjectPublicKeyInfo(this.g));
            if (this.l != null) {
                this.k.addElement(new ASN1GenericConstructed(this.l.toASN1Set().elements(), 0));
            } else if (!this.i) {
                this.k.addElement(new ASN1GenericConstructed(new Vector(), 0));
            }
        }
        return this.k;
    }

    public CertificateRequest(X500Name x500Name, KeyPair keyPair) {
        this(x500Name, keyPair, false);
    }

    @Override // com.phaos.utils.Streamable
    public void output(OutputStream outputStream) throws IOException {
        try {
            a().output(outputStream);
        } catch (SignatureException e) {
            throw new OutputGenerationException(e.toString());
        }
    }

    public X509Extension addExtension(X509Extension x509Extension) {
        X509ExtensionSet extensions = getExtensions();
        if (extensions == null) {
            extensions = new X509ExtensionSet();
        }
        X509Extension extension = extensions.getExtension(x509Extension.getType());
        extensions.addExtension(x509Extension);
        setExtensions(extensions);
        return extension;
    }

    public Attribute addAttribute(Attribute attribute) {
        d();
        if (this.l == null) {
            this.l = new AttributeSet();
        }
        return this.l.addAttribute(attribute);
    }

    public CertificateRequest(InputStream inputStream) throws IOException {
        this.f = null;
        input(inputStream);
    }

    private void d() {
        b();
        this.k = null;
        this.e = null;
    }

    public boolean verifySignature() throws AuthenticationException {
        try {
            Signature signature = Signature.getInstance(this.h);
            signature.setPublicKey(this.g);
            signature.setDocument(Utils.toBytes(this.k));
            signature.setSigBytes(this.e);
            return signature.verify();
        } catch (AlgorithmIdentifierException e) {
            throw new AuthenticationException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new AuthenticationException(e2.toString());
        }
    }

    public Attribute addAttribute(ASN1ObjectID aSN1ObjectID, ASN1Object aSN1Object) {
        return addAttribute(new Attribute(aSN1ObjectID, aSN1Object));
    }

    public void sign() throws SignatureException {
        sign(RandomBitsSource.getDefault());
    }

    @Override // com.phaos.utils.Streamable
    public int length() {
        try {
            return a().length();
        } catch (SignatureException e) {
            return 0;
        }
    }

    public CertificateRequest() {
        this.f = null;
    }

    public byte[] getSigBytes() throws SignatureException {
        if (this.e == null) {
            sign();
        }
        return this.e;
    }
}
