package com.sansec.engine.pkcs;

import com.owca.asn1.ASN1InputStream;
import com.owca.asn1.ASN1Object;
import com.owca.asn1.ASN1Sequence;
import com.owca.asn1.ASN1Set;
import com.owca.asn1.DERBitString;
import com.owca.asn1.DERNull;
import com.owca.asn1.DERObjectIdentifier;
import com.owca.asn1.DERSet;
import com.owca.asn1.pkcs.CertificationRequest;
import com.owca.asn1.pkcs.CertificationRequestInfo;
import com.owca.asn1.x509.AlgorithmIdentifier;
import com.owca.asn1.x509.DigestInfo;
import com.owca.asn1.x509.RSAPublicKeyStructure;
import com.owca.asn1.x509.SubjectPublicKeyInfo;
import com.owca.asn1.x509.X509Name;
import com.owca.asn1.x9.X9ObjectIdentifiers;
import com.owca.jce.X509Principal;
import com.owca.math.ec.ECPoint;
import com.sansec.engine.sm.SM2;
import com.sansec.engine.sm.SM2Utils;
import com.sansec.engine.sm.SM3Digest;
import com.sansec.engine.util.DigestUtil;
import com.sansec.engine.util.KeyUtil;
import com.sansec.engine.util.SigUtil;
import com.sansec.engine.x509.EngineSM2PrivateKey;
import com.sansec.engine.x509.EngineSM2PublicKey;
import com.sansec.engine.x509.EngineSM2Result;
import java.io.IOException;
import java.security.InvalidParameterException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class PKCS10 extends CertificationRequest {
    public String digestAlgName;
    public boolean isSM3WithSM2;
    public MessageDigest messageDigest;
    public PublicKey publicKey;
    public byte[] signature;

    public static PKCS10 getInstance(X509Name x509Name, String str, PublicKey publicKey) throws IOException {
        return getInstance(x509Name, str, publicKey, new DERSet());
    }

    public static PKCS10 getInstance(X509Name x509Name, String str, PublicKey publicKey, ASN1Set aSN1Set) throws IOException {
        PKCS10 pkcs10 = new PKCS10();
        String standardDigestName = DigestUtil.getStandardDigestName(str);
        pkcs10.digestAlgName = standardDigestName;
        pkcs10.publicKey = publicKey;
        pkcs10.sigAlgId = new AlgorithmIdentifier(SigUtil.getCombineAlgorithmName(DigestUtil.getAlgorithmOID(standardDigestName), KeyUtil.getAlgorithmOID(publicKey.getAlgorithm())), DERNull.INSTANCE);
        pkcs10.reqInfo = new CertificationRequestInfo(x509Name, new SubjectPublicKeyInfo((ASN1Sequence) ASN1Object.fromByteArray(publicKey.getEncoded())), aSN1Set);
        if (DigestUtil.getAlgorithmName(DigestUtil.getAlgorithmOID(pkcs10.digestAlgName)).equals("SM3")) {
            pkcs10.isSM3WithSM2 = KeyUtil.getAlgorithmName(KeyUtil.getAlgorithmOID(publicKey.getAlgorithm())).equals("SM2");
        } else {
            try {
                pkcs10.messageDigest = MessageDigest.getInstance(pkcs10.digestAlgName);
            } catch (NoSuchAlgorithmException unused) {
                throw new IOException("digestAlgName Illegal Argument:" + pkcs10.digestAlgName);
            }
        }
        return pkcs10;
    }

    public static PKCS10 getInstance(String str, String str2, PublicKey publicKey) throws IOException {
        return getInstance(new X500Principal(str), str2, publicKey);
    }

    public static PKCS10 getInstance(X500Principal x500Principal, String str, PublicKey publicKey) throws IOException {
        return getInstance(new X509Principal(x500Principal.getEncoded()), str, publicKey);
    }

    public static PKCS10 getInstance(byte[] bArr) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        PKCS10 pkcs10 = new PKCS10();
        CertificationRequest certificationRequest = new CertificationRequest((ASN1Sequence) new ASN1InputStream(bArr).readObject());
        pkcs10.reqInfo = certificationRequest.getCertificationRequestInfo();
        pkcs10.sigAlgId = certificationRequest.getSignatureAlgorithm();
        pkcs10.sigBits = certificationRequest.getSignature();
        pkcs10.signature = certificationRequest.getSignature().getBytes();
        pkcs10.digestAlgName = SigUtil.getDigAlgFromSigAlg(SigUtil.getAlgorithmName(certificationRequest.getSignatureAlgorithm().getObjectId()));
        byte[] bytes = certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo().getPublicKeyData().getBytes();
        DERObjectIdentifier objectId = certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo().getAlgorithmId().getObjectId();
        String algorithmName = objectId.equals(X9ObjectIdentifiers.id_ecPublicKey) ? KeyUtil.getAlgorithmName((DERObjectIdentifier) certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo().getAlgorithmId().getParameters().getDERObject()) : KeyUtil.getAlgorithmName(objectId);
        pkcs10.isSM3WithSM2 = algorithmName.equals("SM2");
        if (algorithmName.equals("SM2")) {
            pkcs10.publicKey = EngineSM2PublicKey.parseEncode(bytes);
            return pkcs10;
        }
        if (algorithmName.equals("RSA")) {
            RSAPublicKeyStructure rSAPublicKeyStructure = new RSAPublicKeyStructure((ASN1Sequence) new ASN1InputStream(bytes).readObject());
            pkcs10.publicKey = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(rSAPublicKeyStructure.getModulus(), rSAPublicKeyStructure.getPublicExponent()));
            return pkcs10;
        }
        throw new InvalidParameterException("Unsupport Algorithm ObjectIdentifiers:" + algorithmName);
    }

    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    public CertificationRequestInfo getReqInfo() {
        return this.reqInfo;
    }

    public byte[] getRequestInfoDigest() {
        return getRequestInfoDigest("1234567812345678".getBytes());
    }

    public byte[] getRequestInfoDigest(byte[] bArr) {
        return getRequestInfoDigest(bArr, getRequestInfoEncoded());
    }

    public byte[] getRequestInfoDigest(byte[] bArr, byte[] bArr2) {
        if (!this.isSM3WithSM2) {
            this.messageDigest.reset();
            this.messageDigest.update(bArr2);
            return this.messageDigest.digest();
        }
        EngineSM2PublicKey engineSM2PublicKey = (EngineSM2PublicKey) this.publicKey;
        SM2 Instance = SM2.Instance();
        ECPoint decodePoint = Instance.ecc_curve.decodePoint(engineSM2PublicKey.getPublicKeyData());
        SM3Digest sM3Digest = new SM3Digest();
        byte[] sm2GetZ = Instance.sm2GetZ(bArr, decodePoint);
        sM3Digest.update(sm2GetZ, 0, sm2GetZ.length);
        sM3Digest.update(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[32];
        sM3Digest.doFinal(bArr3, 0);
        return bArr3;
    }

    public byte[] getRequestInfoDigestEncoded() throws IOException {
        return !this.isSM3WithSM2 ? new DigestInfo(new AlgorithmIdentifier(DigestUtil.getAlgorithmOID(this.digestAlgName), DERNull.INSTANCE), getRequestInfoDigest()).getEncoded() : getRequestInfoDigest();
    }

    public byte[] getRequestInfoEncoded() {
        return this.reqInfo.toASN1Object().getDEREncoded();
    }

    public AlgorithmIdentifier getSigAlgId() {
        return this.sigAlgId;
    }

    public byte[] getSignatureValue() {
        byte[] bArr = this.signature;
        return bArr != null ? bArr : this.sigBits.getBytes();
    }

    public void setPublicKey(PublicKey publicKey) {
        this.publicKey = publicKey;
    }

    public void setReqInfo(CertificationRequestInfo certificationRequestInfo) {
        this.reqInfo = certificationRequestInfo;
    }

    public void setSignature(byte[] bArr) {
        this.signature = bArr;
        this.sigBits = new DERBitString(bArr);
    }

    public void sign(PrivateKey privateKey) throws IOException {
        if (this.isSM3WithSM2) {
            setSignature(EngineSM2Result.parse(SM2Utils.sign(((EngineSM2PrivateKey) privateKey).getD().toByteArray(), getRequestInfoEncoded())).getEncoded());
            return;
        }
        try {
            Signature signature = Signature.getInstance(DigestUtil.getAlgorithmName(DigestUtil.getAlgorithmOID(this.digestAlgName)) + "WITH" + this.publicKey.getAlgorithm());
            signature.initSign(privateKey);
            signature.update(getRequestInfoEncoded());
            setSignature(signature.sign());
        } catch (Exception e) {
            throw new IOException(e.getMessage() + " digestAlgName Illegal Argument:" + this.digestAlgName);
        }
    }

    public void sign(byte[] bArr, PrivateKey privateKey) throws IOException {
        setSignature(EngineSM2Result.parse(SM2Utils.sign(((EngineSM2PrivateKey) privateKey).getD().toByteArray(), bArr)).getEncoded());
    }

    public boolean verify() throws IOException {
        if (this.isSM3WithSM2) {
            return SM2Utils.verifySign(((EngineSM2PublicKey) this.publicKey).getPublicKeyData(), getRequestInfoEncoded(), EngineSM2Result.getInstance(this.signature).getResultValue());
        }
        if (!this.publicKey.getAlgorithm().equals("RSA")) {
            throw new IOException("sigAlgName Illegal Argument:" + this.publicKey.getAlgorithm());
        }
        try {
            Signature signature = Signature.getInstance(DigestUtil.getAlgorithmName(DigestUtil.getAlgorithmOID(this.digestAlgName)) + "WITH" + this.publicKey.getAlgorithm());
            signature.initVerify(this.publicKey);
            signature.update(getRequestInfoEncoded());
            return signature.verify(this.signature);
        } catch (Exception e) {
            throw new IOException(e.getMessage() + " digestAlgName Illegal Argument:" + this.digestAlgName);
        }
    }
}
