package com.amazon.coral.internal.org.bouncycastle.jce.netscape;

import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1EncodableVector;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Encoding;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1InputStream;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Object;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Primitive;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Sequence;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$DERBitString;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$DERIA5String;
import com.amazon.coral.internal.org.bouncycastle.asn1.C$DERSequence;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$AlgorithmIdentifier;
import com.amazon.coral.internal.org.bouncycastle.asn1.x509.C$SubjectPublicKeyInfo;
import com.amazon.coral.internal.org.bouncycastle.jce.provider.C$BouncyCastleProvider;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;

/* renamed from: com.amazon.coral.internal.org.bouncycastle.jce.netscape.$NetscapeCertRequest, reason: invalid class name */
/* loaded from: classes3.dex */
public class C$NetscapeCertRequest extends C$ASN1Object {
    String challenge;
    C$DERBitString content;
    C$AlgorithmIdentifier keyAlg;
    PublicKey pubkey;
    C$AlgorithmIdentifier sigAlg;
    byte[] sigBits;

    public C$NetscapeCertRequest(C$ASN1Sequence c$ASN1Sequence) {
        try {
            if (c$ASN1Sequence.size() != 3) {
                throw new IllegalArgumentException("invalid SPKAC (size):" + c$ASN1Sequence.size());
            }
            this.sigAlg = C$AlgorithmIdentifier.getInstance(c$ASN1Sequence.getObjectAt(1));
            this.sigBits = ((C$DERBitString) c$ASN1Sequence.getObjectAt(2)).getOctets();
            C$ASN1Sequence c$ASN1Sequence2 = (C$ASN1Sequence) c$ASN1Sequence.getObjectAt(0);
            if (c$ASN1Sequence2.size() != 2) {
                throw new IllegalArgumentException("invalid PKAC (len): " + c$ASN1Sequence2.size());
            }
            this.challenge = ((C$DERIA5String) c$ASN1Sequence2.getObjectAt(1)).getString();
            this.content = new C$DERBitString(c$ASN1Sequence2);
            C$SubjectPublicKeyInfo c$SubjectPublicKeyInfo = C$SubjectPublicKeyInfo.getInstance(c$ASN1Sequence2.getObjectAt(0));
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(new C$DERBitString(c$SubjectPublicKeyInfo).getBytes());
            this.keyAlg = c$SubjectPublicKeyInfo.getAlgorithm();
            this.pubkey = KeyFactory.getInstance(this.keyAlg.getAlgorithm().getId(), C$BouncyCastleProvider.PROVIDER_NAME).generatePublic(x509EncodedKeySpec);
        } catch (Exception e) {
            throw new IllegalArgumentException(e.toString());
        }
    }

    public C$NetscapeCertRequest(String str, C$AlgorithmIdentifier c$AlgorithmIdentifier, PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
        this.challenge = str;
        this.sigAlg = c$AlgorithmIdentifier;
        this.pubkey = publicKey;
        C$ASN1EncodableVector c$ASN1EncodableVector = new C$ASN1EncodableVector();
        c$ASN1EncodableVector.add(getKeySpec());
        c$ASN1EncodableVector.add(new C$DERIA5String(str));
        try {
            this.content = new C$DERBitString(new C$DERSequence(c$ASN1EncodableVector));
        } catch (IOException e) {
            throw new InvalidKeySpecException("exception encoding key: " + e.toString());
        }
    }

    public C$NetscapeCertRequest(byte[] bArr) throws IOException {
        this(getReq(bArr));
    }

    private C$ASN1Primitive getKeySpec() throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            byteArrayOutputStream.write(this.pubkey.getEncoded());
            byteArrayOutputStream.close();
            return new C$ASN1InputStream(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).readObject();
        } catch (IOException e) {
            throw new InvalidKeySpecException(e.getMessage());
        }
    }

    private static C$ASN1Sequence getReq(byte[] bArr) throws IOException {
        return C$ASN1Sequence.getInstance(new C$ASN1InputStream(new ByteArrayInputStream(bArr)).readObject());
    }

    public String getChallenge() {
        return this.challenge;
    }

    public C$AlgorithmIdentifier getKeyAlgorithm() {
        return this.keyAlg;
    }

    public PublicKey getPublicKey() {
        return this.pubkey;
    }

    public C$AlgorithmIdentifier getSigningAlgorithm() {
        return this.sigAlg;
    }

    public void setChallenge(String str) {
        this.challenge = str;
    }

    public void setKeyAlgorithm(C$AlgorithmIdentifier c$AlgorithmIdentifier) {
        this.keyAlg = c$AlgorithmIdentifier;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.pubkey = publicKey;
    }

    public void setSigningAlgorithm(C$AlgorithmIdentifier c$AlgorithmIdentifier) {
        this.sigAlg = c$AlgorithmIdentifier;
    }

    public void sign(PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException, InvalidKeySpecException {
        sign(privateKey, null);
    }

    public void sign(PrivateKey privateKey, SecureRandom secureRandom) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException, InvalidKeySpecException {
        Signature signature = Signature.getInstance(this.sigAlg.getAlgorithm().getId(), C$BouncyCastleProvider.PROVIDER_NAME);
        if (secureRandom != null) {
            signature.initSign(privateKey, secureRandom);
        } else {
            signature.initSign(privateKey);
        }
        C$ASN1EncodableVector c$ASN1EncodableVector = new C$ASN1EncodableVector();
        c$ASN1EncodableVector.add(getKeySpec());
        c$ASN1EncodableVector.add(new C$DERIA5String(this.challenge));
        try {
            signature.update(new C$DERSequence(c$ASN1EncodableVector).getEncoded(C$ASN1Encoding.DER));
            this.sigBits = signature.sign();
        } catch (IOException e) {
            throw new SignatureException(e.getMessage());
        }
    }

    @Override // com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Object, com.amazon.coral.internal.org.bouncycastle.asn1.C$ASN1Encodable
    public C$ASN1Primitive toASN1Primitive() {
        C$ASN1EncodableVector c$ASN1EncodableVector = new C$ASN1EncodableVector();
        C$ASN1EncodableVector c$ASN1EncodableVector2 = new C$ASN1EncodableVector();
        try {
            c$ASN1EncodableVector2.add(getKeySpec());
        } catch (Exception e) {
        }
        c$ASN1EncodableVector2.add(new C$DERIA5String(this.challenge));
        c$ASN1EncodableVector.add(new C$DERSequence(c$ASN1EncodableVector2));
        c$ASN1EncodableVector.add(this.sigAlg);
        c$ASN1EncodableVector.add(new C$DERBitString(this.sigBits));
        return new C$DERSequence(c$ASN1EncodableVector);
    }

    public boolean verify(String str) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
        if (!str.equals(this.challenge)) {
            return false;
        }
        Signature signature = Signature.getInstance(this.sigAlg.getAlgorithm().getId(), C$BouncyCastleProvider.PROVIDER_NAME);
        signature.initVerify(this.pubkey);
        signature.update(this.content.getBytes());
        return signature.verify(this.sigBits);
    }
}
