package com.oracle.apm.agent.repackaged.oracle.security.crypto.cert;

import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1BitString;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1FormatException;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1GenericConstructed;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1Integer;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1Object;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1ObjectID;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1Sequence;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.asn1.ASN1SequenceInputStream;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.core.AlgID;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.core.AlgorithmIdentifier;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.core.AuthenticationException;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.core.KeyPair;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.core.PublicKey;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.core.RandomBitsSource;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.core.SignatureException;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.provider.JCEUtil;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.util.CryptoUtils;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.util.InvalidInputException;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.util.OutputGenerationException;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.util.UnsyncByteArrayInputStream;
import com.oracle.apm.agent.repackaged.oracle.security.crypto.util.Utils;
import com.oracle.apm.agent.repackaged.oracle.security.pki.PKIConstants;
import java.io.Externalizable;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.interfaces.ECPrivateKey;
import java.util.ArrayList;

/* loaded from: input_file:com/oracle/apm/agent/repackaged/oracle/security/crypto/cert/CertificateRequest.class */
public class CertificateRequest implements ASN1Object, Externalizable {
    private X500Name subject;
    private PublicKey pubKey;
    private AttributeSet attributes;
    private ASN1Sequence certReqInfo;
    private PrivateKey privKey;
    private AlgorithmIdentifier sigAlgID;
    private byte[] sigBytes;
    private boolean useWrongFormat;
    private ASN1Sequence contents;

    public CertificateRequest() {
        this.contents = null;
    }

    public CertificateRequest(X500Name x500Name, java.security.PublicKey publicKey, PrivateKey privateKey) {
        this(x500Name, publicKey, privateKey, false);
    }

    public CertificateRequest(X500Name x500Name, java.security.PublicKey publicKey, PrivateKey privateKey, boolean z) {
        this.contents = null;
        this.subject = x500Name;
        this.pubKey = CryptoUtils.fromJCEPublicKey(publicKey);
        this.privKey = privateKey;
        this.useWrongFormat = z;
    }

    public CertificateRequest(X500Name x500Name, KeyPair keyPair) {
        this(x500Name, keyPair, false);
    }

    public CertificateRequest(X500Name x500Name, KeyPair keyPair, boolean z) {
        this.contents = null;
        this.subject = x500Name;
        this.pubKey = keyPair.getPublic();
        this.privKey = keyPair.getPrivate();
        this.useWrongFormat = z;
    }

    public CertificateRequest(InputStream inputStream) throws IOException {
        this.contents = null;
        input(inputStream);
    }

    public CertificateRequest(byte[] bArr) throws IOException {
        this(new UnsyncByteArrayInputStream(bArr));
    }

    public void sign() throws SignatureException {
        getCertReqInfo();
        try {
            if (this.sigAlgID == null) {
                if (!this.privKey.getAlgorithm().equals(PKIConstants.RSA)) {
                    if (!this.privKey.getAlgorithm().equals("DSA")) {
                        if (this.privKey.getAlgorithm().equals(PKIConstants.EC)) {
                            switch (((ECPrivateKey) this.privKey).getParams().getCurve().getField().getFieldSize()) {
                                case 256:
                                    this.sigAlgID = AlgID.ecdsaWithSHA256;
                                    break;
                                case 384:
                                    this.sigAlgID = AlgID.ecdsaWithSHA384;
                                    break;
                                case X509Attributes.SET_ACQ /* 512 */:
                                    this.sigAlgID = AlgID.ecdsaWithSHA512;
                                    break;
                                default:
                                    this.sigAlgID = AlgID.ecdsaWithSHA1;
                                    break;
                            }
                        }
                    } else {
                        this.sigAlgID = AlgID.dsaWithSHA1;
                    }
                } else {
                    this.sigAlgID = AlgID.sha256WithRSAEncryption;
                }
            }
            Signature signatureInstance = JCEUtil.getSignatureInstance(CryptoUtils.getSignatureAlg(this.sigAlgID));
            signatureInstance.initSign(this.privKey);
            signatureInstance.update(Utils.toBytes(this.certReqInfo));
            this.sigBytes = signatureInstance.sign();
            reset();
        } catch (InvalidKeyException e) {
            throw new SignatureException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new SignatureException(e2);
        } catch (java.security.SignatureException e3) {
            throw new SignatureException(e3);
        }
    }

    public void sign(RandomBitsSource randomBitsSource) throws SignatureException {
        sign();
    }

    public byte[] getSigBytes() throws SignatureException {
        if (this.sigBytes == null) {
            sign();
        }
        return this.sigBytes;
    }

    private ASN1Sequence getCertReqInfo() {
        if (this.certReqInfo == null) {
            this.certReqInfo = new ASN1Sequence();
            this.certReqInfo.addElement(new ASN1Integer(0L));
            this.certReqInfo.addElement(this.subject);
            this.certReqInfo.addElement(CryptoUtils.subjectPublicKeyInfo(this.pubKey));
            if (this.attributes != null) {
                this.certReqInfo.addElement(new ASN1GenericConstructed(this.attributes.toASN1Set().elementsAsList(), 0));
            } else if (!this.useWrongFormat) {
                this.certReqInfo.addElement(new ASN1GenericConstructed(new ArrayList(), 0));
            }
        }
        return this.certReqInfo;
    }

    @Override // com.oracle.apm.agent.repackaged.oracle.security.crypto.util.Streamable
    public void input(InputStream inputStream) throws IOException {
        resetAll();
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(inputStream);
        this.certReqInfo = new ASN1Sequence(aSN1SequenceInputStream);
        this.sigAlgID = new AlgorithmIdentifier(aSN1SequenceInputStream);
        this.sigBytes = ASN1BitString.inputValue(aSN1SequenceInputStream);
        aSN1SequenceInputStream.terminate();
        ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(Utils.toStream(this.certReqInfo));
        int intValue = ASN1Integer.inputValue(aSN1SequenceInputStream2).intValue();
        if (intValue != 0) {
            throw new ASN1FormatException("Expected version 0, got " + intValue);
        }
        this.subject = new X500Name(aSN1SequenceInputStream2);
        this.pubKey = CryptoUtils.inputSPKI(aSN1SequenceInputStream2);
        if (aSN1SequenceInputStream2.hasMoreData()) {
            if (aSN1SequenceInputStream2.getCurrentTag() != 0) {
                throw new ASN1FormatException("Expected tag 0, got " + aSN1SequenceInputStream2.getCurrentTag());
            }
            aSN1SequenceInputStream2.setCurrentTag(17);
            this.attributes = new AttributeSet(aSN1SequenceInputStream2);
        }
        aSN1SequenceInputStream2.terminate();
        try {
            verifySignature();
        } catch (AuthenticationException e) {
            throw new IOException(e);
        }
    }

    public boolean verifySignature() throws AuthenticationException {
        try {
            Signature signatureInstance = JCEUtil.getSignatureInstance(CryptoUtils.getSignatureAlg(this.sigAlgID));
            signatureInstance.initVerify(this.pubKey);
            signatureInstance.update(Utils.toBytes(this.certReqInfo));
            return signatureInstance.verify(this.sigBytes);
        } catch (InvalidKeyException e) {
            throw new AuthenticationException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthenticationException(e2);
        } catch (java.security.SignatureException e3) {
            throw new AuthenticationException(e3);
        }
    }

    @Override // com.oracle.apm.agent.repackaged.oracle.security.crypto.util.Streamable
    public void output(OutputStream outputStream) throws IOException {
        try {
            toASN1Sequence().output(outputStream);
        } catch (SignatureException e) {
            throw new OutputGenerationException((Exception) e);
        }
    }

    @Override // com.oracle.apm.agent.repackaged.oracle.security.crypto.util.Streamable
    public int length() {
        try {
            return toASN1Sequence().length();
        } catch (SignatureException e) {
            return 0;
        }
    }

    ASN1Sequence toASN1Sequence() throws SignatureException {
        if (this.contents == null) {
            getSigBytes();
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            aSN1Sequence.addElement(this.certReqInfo);
            aSN1Sequence.addElement(this.sigAlgID);
            aSN1Sequence.addElement(new ASN1BitString(this.sigBytes));
            this.contents = aSN1Sequence;
        }
        return this.contents;
    }

    private void reset() {
        this.contents = null;
    }

    private void resetAll() {
        reset();
        this.certReqInfo = null;
        this.sigBytes = null;
    }

    public void setSubject(X500Name x500Name) {
        this.subject = x500Name;
        resetAll();
    }

    public X500Name getSubject() {
        return this.subject;
    }

    public void setPublicKey(PublicKey publicKey) {
        setPublicKey((java.security.PublicKey) publicKey);
    }

    public PublicKey getPublicKey() {
        return this.pubKey;
    }

    public void setPublicKey(java.security.PublicKey publicKey) {
        this.pubKey = CryptoUtils.fromJCEPublicKey(publicKey);
        resetAll();
    }

    public void setPrivateKey(com.oracle.apm.agent.repackaged.oracle.security.crypto.core.PrivateKey privateKey) {
        setPrivateKey(privateKey, (AlgorithmIdentifier) null);
    }

    public void setPrivateKey(com.oracle.apm.agent.repackaged.oracle.security.crypto.core.PrivateKey privateKey, AlgorithmIdentifier algorithmIdentifier) {
        this.privKey = privateKey;
        setSigAlgID(algorithmIdentifier);
    }

    public void setPrivateKey(PrivateKey privateKey, AlgorithmIdentifier algorithmIdentifier) {
        this.privKey = privateKey;
        setSigAlgID(algorithmIdentifier);
    }

    public void setSigAlgID(AlgorithmIdentifier algorithmIdentifier) {
        this.sigAlgID = algorithmIdentifier;
        resetAll();
    }

    public AlgorithmIdentifier getSigAlgID() {
        return this.sigAlgID;
    }

    public Attribute addAttribute(ASN1ObjectID aSN1ObjectID, ASN1Object aSN1Object) {
        return addAttribute(new Attribute(aSN1ObjectID, aSN1Object));
    }

    public Attribute addAttribute(Attribute attribute) {
        resetAll();
        if (this.attributes == null) {
            this.attributes = new AttributeSet();
        }
        return this.attributes.addAttribute(attribute);
    }

    public Attribute getAttribute(ASN1ObjectID aSN1ObjectID) {
        if (this.attributes != null) {
            return this.attributes.getAttribute(aSN1ObjectID);
        }
        return null;
    }

    public AttributeSet getAttributes() {
        return this.attributes;
    }

    public X509Extension addExtension(X509Extension x509Extension) {
        X509ExtensionSet extensions = getExtensions();
        if (extensions == null) {
            extensions = new X509ExtensionSet();
        }
        X509Extension extension = extensions.getExtension(x509Extension.getType());
        extensions.addExtension(x509Extension);
        setExtensions(extensions);
        return extension;
    }

    public X509ExtensionSet setExtensions(X509ExtensionSet x509ExtensionSet) {
        Attribute addAttribute = addAttribute(PKIX.extensionRequest, x509ExtensionSet);
        if (addAttribute == null) {
            return null;
        }
        try {
            return new X509ExtensionSet(Utils.toStream(addAttribute.getValuesAsList().get(0)));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public X509ExtensionSet getExtensions() {
        Attribute attribute = getAttribute(PKIX.extensionRequest);
        if (attribute == null) {
            return null;
        }
        try {
            return new X509ExtensionSet(Utils.toStream(attribute.getValuesAsList().get(0)));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public void setUseWrongFormat(boolean z) {
        this.useWrongFormat = z;
        resetAll();
    }

    public boolean getUseWrongFormat() {
        return this.useWrongFormat;
    }

    public String toString() {
        return "subject = " + this.subject + ", pubKey = " + this.pubKey;
    }

    @Override // java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        objectOutput.writeObject(Utils.toBytes(this));
    }

    @Override // java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        try {
            input(new UnsyncByteArrayInputStream((byte[]) objectInput.readObject()));
        } catch (ClassCastException e) {
            throw new InvalidInputException((Exception) e);
        }
    }
}
