package org.bouncycastle.jce.netscape;

import defpackage.awp;
import defpackage.awq;
import defpackage.awu;
import defpackage.awx;
import defpackage.axc;
import defpackage.axd;
import defpackage.ayg;
import defpackage.ayr;
import defpackage.aza;
import defpackage.bof;
import defpackage.bqf;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes2.dex */
public class NetscapeCertRequest extends awx {
    String challenge;
    ayg content;
    bof keyAlg;
    PublicKey pubkey;
    bof sigAlg;
    byte[] sigBits;

    public NetscapeCertRequest(axd axdVar) {
        try {
            if (axdVar.f() != 3) {
                throw new IllegalArgumentException("invalid SPKAC (size):" + axdVar.f());
            }
            this.sigAlg = bof.a(axdVar.a(1));
            this.sigBits = ((ayg) axdVar.a(2)).d();
            axd axdVar2 = (axd) axdVar.a(0);
            if (axdVar2.f() != 2) {
                throw new IllegalArgumentException("invalid PKAC (len): " + axdVar2.f());
            }
            this.challenge = ((ayr) axdVar2.a(1)).b();
            this.content = new ayg(axdVar2);
            bqf a = bqf.a(axdVar2.a(0));
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(new ayg(a).f());
            this.keyAlg = a.a();
            this.pubkey = KeyFactory.getInstance(this.keyAlg.a().b(), BouncyCastleProvider.PROVIDER_NAME).generatePublic(x509EncodedKeySpec);
        } catch (Exception e) {
            throw new IllegalArgumentException(e.toString());
        }
    }

    public NetscapeCertRequest(String str, bof bofVar, PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
        this.challenge = str;
        this.sigAlg = bofVar;
        this.pubkey = publicKey;
        awp awpVar = new awp();
        awpVar.a(getKeySpec());
        awpVar.a(new ayr(str));
        try {
            this.content = new ayg(new aza(awpVar));
        } catch (IOException e) {
            throw new InvalidKeySpecException("exception encoding key: " + e.toString());
        }
    }

    public NetscapeCertRequest(byte[] bArr) throws IOException {
        this(getReq(bArr));
    }

    private axc getKeySpec() throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            byteArrayOutputStream.write(this.pubkey.getEncoded());
            byteArrayOutputStream.close();
            return new awu(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).d();
        } catch (IOException e) {
            throw new InvalidKeySpecException(e.getMessage());
        }
    }

    private static axd getReq(byte[] bArr) throws IOException {
        return axd.a((Object) new awu(new ByteArrayInputStream(bArr)).d());
    }

    public String getChallenge() {
        return this.challenge;
    }

    public bof getKeyAlgorithm() {
        return this.keyAlg;
    }

    public PublicKey getPublicKey() {
        return this.pubkey;
    }

    public bof getSigningAlgorithm() {
        return this.sigAlg;
    }

    public void setChallenge(String str) {
        this.challenge = str;
    }

    public void setKeyAlgorithm(bof bofVar) {
        this.keyAlg = bofVar;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.pubkey = publicKey;
    }

    public void setSigningAlgorithm(bof bofVar) {
        this.sigAlg = bofVar;
    }

    public void sign(PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException, InvalidKeySpecException {
        sign(privateKey, null);
    }

    public void sign(PrivateKey privateKey, SecureRandom secureRandom) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException, InvalidKeySpecException {
        Signature signature = Signature.getInstance(this.sigAlg.a().b(), BouncyCastleProvider.PROVIDER_NAME);
        if (secureRandom != null) {
            signature.initSign(privateKey, secureRandom);
        } else {
            signature.initSign(privateKey);
        }
        awp awpVar = new awp();
        awpVar.a(getKeySpec());
        awpVar.a(new ayr(this.challenge));
        try {
            signature.update(new aza(awpVar).getEncoded(awq.a));
            this.sigBits = signature.sign();
        } catch (IOException e) {
            throw new SignatureException(e.getMessage());
        }
    }

    @Override // defpackage.awx, defpackage.awo
    public axc toASN1Primitive() {
        awp awpVar = new awp();
        awp awpVar2 = new awp();
        try {
            awpVar2.a(getKeySpec());
        } catch (Exception unused) {
        }
        awpVar2.a(new ayr(this.challenge));
        awpVar.a(new aza(awpVar2));
        awpVar.a(this.sigAlg);
        awpVar.a(new ayg(this.sigBits));
        return new aza(awpVar);
    }

    public boolean verify(String str) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
        if (!str.equals(this.challenge)) {
            return false;
        }
        Signature signature = Signature.getInstance(this.sigAlg.a().b(), BouncyCastleProvider.PROVIDER_NAME);
        signature.initVerify(this.pubkey);
        signature.update(this.content.f());
        return signature.verify(this.sigBits);
    }
}
