package org.bouncycastle.jce;

import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PSSParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ag.r;
import org.bouncycastle.asn1.ax;
import org.bouncycastle.asn1.bk;
import org.bouncycastle.asn1.l;
import org.bouncycastle.asn1.m;
import org.bouncycastle.asn1.p;
import org.bouncycastle.asn1.t;
import org.bouncycastle.asn1.u;
import org.bouncycastle.asn1.w;
import org.bouncycastle.asn1.x.aa;
import org.bouncycastle.asn1.x.s;
import org.bouncycastle.asn1.x509.bb;
import org.bouncycastle.asn1.x509.bv;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Strings;

/* loaded from: classes2.dex */
public class e extends org.bouncycastle.asn1.x.e {
    private static Hashtable algorithms = new Hashtable();
    private static Hashtable params = new Hashtable();
    private static Hashtable keyAlgorithms = new Hashtable();
    private static Hashtable oids = new Hashtable();
    private static Set noParams = new HashSet();

    static {
        algorithms.put("MD2WITHRSAENCRYPTION", new p("1.2.840.113549.1.1.2"));
        algorithms.put("MD2WITHRSA", new p("1.2.840.113549.1.1.2"));
        algorithms.put("MD5WITHRSAENCRYPTION", new p("1.2.840.113549.1.1.4"));
        algorithms.put("MD5WITHRSA", new p("1.2.840.113549.1.1.4"));
        algorithms.put("RSAWITHMD5", new p("1.2.840.113549.1.1.4"));
        algorithms.put("SHA1WITHRSAENCRYPTION", new p("1.2.840.113549.1.1.5"));
        algorithms.put("SHA1WITHRSA", new p("1.2.840.113549.1.1.5"));
        algorithms.put("SHA224WITHRSAENCRYPTION", s.sha224WithRSAEncryption);
        algorithms.put("SHA224WITHRSA", s.sha224WithRSAEncryption);
        algorithms.put("SHA256WITHRSAENCRYPTION", s.sha256WithRSAEncryption);
        algorithms.put("SHA256WITHRSA", s.sha256WithRSAEncryption);
        algorithms.put("SHA384WITHRSAENCRYPTION", s.sha384WithRSAEncryption);
        algorithms.put("SHA384WITHRSA", s.sha384WithRSAEncryption);
        algorithms.put("SHA512WITHRSAENCRYPTION", s.sha512WithRSAEncryption);
        algorithms.put("SHA512WITHRSA", s.sha512WithRSAEncryption);
        algorithms.put("SHA1WITHRSAANDMGF1", s.id_RSASSA_PSS);
        algorithms.put("SHA224WITHRSAANDMGF1", s.id_RSASSA_PSS);
        algorithms.put("SHA256WITHRSAANDMGF1", s.id_RSASSA_PSS);
        algorithms.put("SHA384WITHRSAANDMGF1", s.id_RSASSA_PSS);
        algorithms.put("SHA512WITHRSAANDMGF1", s.id_RSASSA_PSS);
        algorithms.put("RSAWITHSHA1", new p("1.2.840.113549.1.1.5"));
        algorithms.put("RIPEMD128WITHRSAENCRYPTION", org.bouncycastle.asn1.ab.b.rsaSignatureWithripemd128);
        algorithms.put("RIPEMD128WITHRSA", org.bouncycastle.asn1.ab.b.rsaSignatureWithripemd128);
        algorithms.put("RIPEMD160WITHRSAENCRYPTION", org.bouncycastle.asn1.ab.b.rsaSignatureWithripemd160);
        algorithms.put("RIPEMD160WITHRSA", org.bouncycastle.asn1.ab.b.rsaSignatureWithripemd160);
        algorithms.put("RIPEMD256WITHRSAENCRYPTION", org.bouncycastle.asn1.ab.b.rsaSignatureWithripemd256);
        algorithms.put("RIPEMD256WITHRSA", org.bouncycastle.asn1.ab.b.rsaSignatureWithripemd256);
        algorithms.put("SHA1WITHDSA", new p("1.2.840.10040.4.3"));
        algorithms.put("DSAWITHSHA1", new p("1.2.840.10040.4.3"));
        algorithms.put("SHA224WITHDSA", org.bouncycastle.asn1.t.b.dsa_with_sha224);
        algorithms.put("SHA256WITHDSA", org.bouncycastle.asn1.t.b.dsa_with_sha256);
        algorithms.put("SHA384WITHDSA", org.bouncycastle.asn1.t.b.dsa_with_sha384);
        algorithms.put("SHA512WITHDSA", org.bouncycastle.asn1.t.b.dsa_with_sha512);
        algorithms.put("SHA1WITHECDSA", r.ecdsa_with_SHA1);
        algorithms.put("SHA224WITHECDSA", r.ecdsa_with_SHA224);
        algorithms.put("SHA256WITHECDSA", r.ecdsa_with_SHA256);
        algorithms.put("SHA384WITHECDSA", r.ecdsa_with_SHA384);
        algorithms.put("SHA512WITHECDSA", r.ecdsa_with_SHA512);
        algorithms.put("ECDSAWITHSHA1", r.ecdsa_with_SHA1);
        algorithms.put("GOST3411WITHGOST3410", org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_94);
        algorithms.put("GOST3410WITHGOST3411", org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_94);
        algorithms.put("GOST3411WITHECGOST3410", org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_2001);
        algorithms.put("GOST3411WITHECGOST3410-2001", org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_2001);
        algorithms.put("GOST3411WITHGOST3410-2001", org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_2001);
        oids.put(new p("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
        oids.put(s.sha224WithRSAEncryption, "SHA224WITHRSA");
        oids.put(s.sha256WithRSAEncryption, "SHA256WITHRSA");
        oids.put(s.sha384WithRSAEncryption, "SHA384WITHRSA");
        oids.put(s.sha512WithRSAEncryption, "SHA512WITHRSA");
        oids.put(org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
        oids.put(org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
        oids.put(new p("1.2.840.113549.1.1.4"), "MD5WITHRSA");
        oids.put(new p("1.2.840.113549.1.1.2"), "MD2WITHRSA");
        oids.put(new p("1.2.840.10040.4.3"), "SHA1WITHDSA");
        oids.put(r.ecdsa_with_SHA1, "SHA1WITHECDSA");
        oids.put(r.ecdsa_with_SHA224, "SHA224WITHECDSA");
        oids.put(r.ecdsa_with_SHA256, "SHA256WITHECDSA");
        oids.put(r.ecdsa_with_SHA384, "SHA384WITHECDSA");
        oids.put(r.ecdsa_with_SHA512, "SHA512WITHECDSA");
        oids.put(org.bouncycastle.asn1.w.b.sha1WithRSA, "SHA1WITHRSA");
        oids.put(org.bouncycastle.asn1.w.b.dsaWithSHA1, "SHA1WITHDSA");
        oids.put(org.bouncycastle.asn1.t.b.dsa_with_sha224, "SHA224WITHDSA");
        oids.put(org.bouncycastle.asn1.t.b.dsa_with_sha256, "SHA256WITHDSA");
        keyAlgorithms.put(s.rsaEncryption, "RSA");
        keyAlgorithms.put(r.id_dsa, "DSA");
        noParams.add(r.ecdsa_with_SHA1);
        noParams.add(r.ecdsa_with_SHA224);
        noParams.add(r.ecdsa_with_SHA256);
        noParams.add(r.ecdsa_with_SHA384);
        noParams.add(r.ecdsa_with_SHA512);
        noParams.add(r.id_dsa_with_sha1);
        noParams.add(org.bouncycastle.asn1.t.b.dsa_with_sha224);
        noParams.add(org.bouncycastle.asn1.t.b.dsa_with_sha256);
        noParams.add(org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_94);
        noParams.add(org.bouncycastle.asn1.g.a.gostR3411_94_with_gostR3410_2001);
        params.put("SHA1WITHRSAANDMGF1", a(new org.bouncycastle.asn1.x509.b(org.bouncycastle.asn1.w.b.idSHA1, bk.INSTANCE), 20));
        params.put("SHA224WITHRSAANDMGF1", a(new org.bouncycastle.asn1.x509.b(org.bouncycastle.asn1.t.b.id_sha224, bk.INSTANCE), 28));
        params.put("SHA256WITHRSAANDMGF1", a(new org.bouncycastle.asn1.x509.b(org.bouncycastle.asn1.t.b.id_sha256, bk.INSTANCE), 32));
        params.put("SHA384WITHRSAANDMGF1", a(new org.bouncycastle.asn1.x509.b(org.bouncycastle.asn1.t.b.id_sha384, bk.INSTANCE), 48));
        params.put("SHA512WITHRSAANDMGF1", a(new org.bouncycastle.asn1.x509.b(org.bouncycastle.asn1.t.b.id_sha512, bk.INSTANCE), 64));
    }

    public e(String str, X500Principal x500Principal, PublicKey publicKey, w wVar, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, a(x500Principal), publicKey, wVar, privateKey, BouncyCastleProvider.PROVIDER_NAME);
    }

    public e(String str, X500Principal x500Principal, PublicKey publicKey, w wVar, PrivateKey privateKey, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, a(x500Principal), publicKey, wVar, privateKey, str2);
    }

    public e(String str, bv bvVar, PublicKey publicKey, w wVar, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        this(str, bvVar, publicKey, wVar, privateKey, BouncyCastleProvider.PROVIDER_NAME);
    }

    public e(String str, bv bvVar, PublicKey publicKey, w wVar, PrivateKey privateKey, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        p pVar;
        String upperCase = Strings.toUpperCase(str);
        p pVar2 = (p) algorithms.get(upperCase);
        if (pVar2 == null) {
            try {
                pVar = new p(upperCase);
            } catch (Exception e) {
                throw new IllegalArgumentException("Unknown signature type requested");
            }
        } else {
            pVar = pVar2;
        }
        if (bvVar == null) {
            throw new IllegalArgumentException("subject must not be null");
        }
        if (publicKey == null) {
            throw new IllegalArgumentException("public key must not be null");
        }
        if (noParams.contains(pVar)) {
            this.sigAlgId = new org.bouncycastle.asn1.x509.b(pVar);
        } else if (params.containsKey(upperCase)) {
            this.sigAlgId = new org.bouncycastle.asn1.x509.b(pVar, (org.bouncycastle.asn1.f) params.get(upperCase));
        } else {
            this.sigAlgId = new org.bouncycastle.asn1.x509.b(pVar, bk.INSTANCE);
        }
        try {
            this.reqInfo = new org.bouncycastle.asn1.x.f(bvVar, bb.getInstance((u) t.fromByteArray(publicKey.getEncoded())), wVar);
            Signature signature = str2 == null ? Signature.getInstance(str) : Signature.getInstance(str, str2);
            signature.initSign(privateKey);
            try {
                signature.update(this.reqInfo.getEncoded(org.bouncycastle.asn1.h.DER));
                this.sigBits = new ax(signature.sign());
            } catch (Exception e2) {
                throw new IllegalArgumentException("exception encoding TBS cert request - " + e2);
            }
        } catch (IOException e3) {
            throw new IllegalArgumentException("can't encode public key");
        }
    }

    public e(u uVar) {
        super(uVar);
    }

    public e(byte[] bArr) {
        super(a(bArr));
    }

    private static String a(p pVar) {
        return s.md5.equals(pVar) ? "MD5" : org.bouncycastle.asn1.w.b.idSHA1.equals(pVar) ? "SHA1" : org.bouncycastle.asn1.t.b.id_sha224.equals(pVar) ? "SHA224" : org.bouncycastle.asn1.t.b.id_sha256.equals(pVar) ? "SHA256" : org.bouncycastle.asn1.t.b.id_sha384.equals(pVar) ? "SHA384" : org.bouncycastle.asn1.t.b.id_sha512.equals(pVar) ? "SHA512" : org.bouncycastle.asn1.ab.b.ripemd128.equals(pVar) ? "RIPEMD128" : org.bouncycastle.asn1.ab.b.ripemd160.equals(pVar) ? "RIPEMD160" : org.bouncycastle.asn1.ab.b.ripemd256.equals(pVar) ? "RIPEMD256" : org.bouncycastle.asn1.g.a.gostR3411.equals(pVar) ? "GOST3411" : pVar.getId();
    }

    static String a(org.bouncycastle.asn1.x509.b bVar) {
        org.bouncycastle.asn1.f parameters = bVar.getParameters();
        if (parameters == null || bk.INSTANCE.equals(parameters) || !bVar.getAlgorithm().equals(s.id_RSASSA_PSS)) {
            return bVar.getAlgorithm().getId();
        }
        return a(aa.getInstance(parameters).getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
    }

    private static u a(byte[] bArr) {
        try {
            return (u) new l(bArr).readObject();
        } catch (Exception e) {
            throw new IllegalArgumentException("badly encoded request");
        }
    }

    private static aa a(org.bouncycastle.asn1.x509.b bVar, int i) {
        return new aa(bVar, new org.bouncycastle.asn1.x509.b(s.id_mgf1, bVar), new m(i), new m(1L));
    }

    private static bv a(X500Principal x500Principal) {
        try {
            return new j(x500Principal.getEncoded());
        } catch (IOException e) {
            throw new IllegalArgumentException("can't convert name");
        }
    }

    private void a(Signature signature, org.bouncycastle.asn1.f fVar) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        if (fVar == null || bk.INSTANCE.equals(fVar)) {
            return;
        }
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
        try {
            algorithmParameters.init(fVar.toASN1Primitive().getEncoded(org.bouncycastle.asn1.h.DER));
            if (signature.getAlgorithm().endsWith("MGF1")) {
                try {
                    signature.setParameter(algorithmParameters.getParameterSpec(PSSParameterSpec.class));
                } catch (GeneralSecurityException e) {
                    throw new SignatureException("Exception extracting parameters: " + e.getMessage());
                }
            }
        } catch (IOException e2) {
            throw new SignatureException("IOException decoding parameters: " + e2.getMessage());
        }
    }

    @Override // org.bouncycastle.asn1.o, org.bouncycastle.util.d
    public byte[] getEncoded() {
        try {
            return getEncoded(org.bouncycastle.asn1.h.DER);
        } catch (IOException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public PublicKey getPublicKey() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        return getPublicKey(BouncyCastleProvider.PROVIDER_NAME);
    }

    public PublicKey getPublicKey(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
        bb subjectPublicKeyInfo = this.reqInfo.getSubjectPublicKeyInfo();
        try {
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(new ax(subjectPublicKeyInfo).getOctets());
            org.bouncycastle.asn1.x509.b algorithm = subjectPublicKeyInfo.getAlgorithm();
            try {
                return str == null ? KeyFactory.getInstance(algorithm.getAlgorithm().getId()).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(algorithm.getAlgorithm().getId(), str).generatePublic(x509EncodedKeySpec);
            } catch (NoSuchAlgorithmException e) {
                if (keyAlgorithms.get(algorithm.getAlgorithm()) == null) {
                    throw e;
                }
                String str2 = (String) keyAlgorithms.get(algorithm.getAlgorithm());
                return str == null ? KeyFactory.getInstance(str2).generatePublic(x509EncodedKeySpec) : KeyFactory.getInstance(str2, str).generatePublic(x509EncodedKeySpec);
            }
        } catch (IOException e2) {
            throw new InvalidKeyException("error decoding public key");
        } catch (InvalidKeySpecException e3) {
            throw new InvalidKeyException("error decoding public key");
        }
    }

    public boolean verify() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return verify(BouncyCastleProvider.PROVIDER_NAME);
    }

    public boolean verify(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return verify(getPublicKey(str), str);
    }

    public boolean verify(PublicKey publicKey, String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        Signature signature;
        try {
            signature = str == null ? Signature.getInstance(a(this.sigAlgId)) : Signature.getInstance(a(this.sigAlgId), str);
        } catch (NoSuchAlgorithmException e) {
            if (oids.get(this.sigAlgId.getAlgorithm()) == null) {
                throw e;
            }
            String str2 = (String) oids.get(this.sigAlgId.getAlgorithm());
            signature = str == null ? Signature.getInstance(str2) : Signature.getInstance(str2, str);
        }
        a(signature, this.sigAlgId.getParameters());
        signature.initVerify(publicKey);
        try {
            signature.update(this.reqInfo.getEncoded(org.bouncycastle.asn1.h.DER));
            return signature.verify(this.sigBits.getOctets());
        } catch (Exception e2) {
            throw new SignatureException("exception encoding TBS cert request - " + e2);
        }
    }
}
