package com.ibm.security.crmf;

import com.ibm.security.cmputil.CMPDerObject;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.x509.AlgorithmId;
import com.ibm.security.x509.X500Name;
import java.io.IOException;
import java.io.OutputStream;
import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Vector;

/* loaded from: input_file:ca142-20050929a-sdk.jar:sdk/jre/lib/ext/CmpCrmf.jar:com/ibm/security/crmf/CertReqMsg.class */
public final class CertReqMsg extends CMPDerObject {
    private CertRequest certReq;
    private ProofOfPossession pop;
    private RegistrationInfo[] regInfo;
    private static final String IBM_JCE_PROVIDER = "IBMJCE";
    private static final String IBM_JCA_PROVIDER = "IBMJCA";

    public CertReqMsg(CertRequest certRequest, ProofOfPossession proofOfPossession, AttributeTypeAndValue[] attributeTypeAndValueArr) {
        if (certRequest == null) {
            throw new IllegalArgumentException("CertRequest must be specified");
        }
        this.certReq = certRequest;
        this.pop = proofOfPossession;
        this.regInfo = (RegistrationInfo[]) attributeTypeAndValueArr;
    }

    public CertReqMsg(byte[] bArr) throws IOException {
        super(bArr);
    }

    public CertReqMsg addRegInfo(RegistrationInfo[] registrationInfoArr) throws IOException {
        CertReqMsg certReqMsg = (CertReqMsg) clone();
        if (registrationInfoArr == null || registrationInfoArr.length == 0) {
            return certReqMsg;
        }
        if (certReqMsg.regInfo == null) {
            certReqMsg.regInfo = registrationInfoArr;
        } else {
            int length = certReqMsg.regInfo.length + registrationInfoArr.length;
            RegistrationInfo[] registrationInfoArr2 = new RegistrationInfo[length];
            int i = 0;
            while (i < certReqMsg.regInfo.length) {
                registrationInfoArr2[i] = certReqMsg.regInfo[i];
                i++;
            }
            int i2 = i;
            int i3 = 0;
            while (i2 < length) {
                registrationInfoArr2[i2] = registrationInfoArr[i3];
                i2++;
                i3++;
            }
            certReqMsg.regInfo = registrationInfoArr2;
        }
        return certReqMsg;
    }

    public Object clone() {
        try {
            DerOutputStream derOutputStream = new DerOutputStream();
            encode(derOutputStream);
            return new CertReqMsg(derOutputStream.toByteArray());
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.ibm.security.cmputil.CMPDerObject
    protected void decode(DerValue derValue) throws IOException {
        if (derValue.getTag() != 48) {
            throw new IOException("CertReqMsg parsing error, invalid tag");
        }
        if (derValue.getData().available() == 0) {
            throw new IOException("CertReqMsg parsing error, missing data");
        }
        this.certReq = null;
        this.pop = null;
        this.regInfo = null;
        this.certReq = new CertRequest(derValue.getData().getDerValue().toByteArray());
        if (derValue.getData().available() == 0) {
            return;
        }
        DerValue derValue2 = derValue.getData().getDerValue();
        if (derValue2.getTag() != 48) {
            this.pop = new ProofOfPossession(derValue2.toByteArray());
            if (derValue.getData().available() == 0) {
                return;
            } else {
                derValue2 = derValue.getData().getDerValue();
            }
        }
        Vector vector = new Vector();
        if (derValue2.getTag() != 48) {
            throw new IOException("CertReqMsg parsing error");
        }
        while (derValue2.getData().available() != 0) {
            vector.add(new RegistrationInfo(derValue2.getData().getDerValue().toByteArray()));
        }
        if (vector.size() > 0) {
            this.regInfo = new RegistrationInfo[vector.size()];
            for (int i = 0; i < vector.size(); i++) {
                this.regInfo[i] = (RegistrationInfo) vector.elementAt(i);
            }
        }
    }

    @Override // com.ibm.security.cmputil.CMPDerObject
    public void encode(OutputStream outputStream) throws IOException {
        DerOutputStream derOutputStream = new DerOutputStream();
        DerOutputStream derOutputStream2 = new DerOutputStream();
        if (this.certReq == null) {
            throw new IOException("CertRequest not specified");
        }
        this.certReq.encode(derOutputStream);
        if (this.pop != null) {
            this.pop.encode(derOutputStream);
        }
        if (this.regInfo != null) {
            DerOutputStream derOutputStream3 = new DerOutputStream();
            for (int i = 0; i < this.regInfo.length; i++) {
                this.regInfo[i].encode(derOutputStream3);
            }
            derOutputStream.write((byte) 48, derOutputStream3);
        }
        derOutputStream2.write((byte) 48, derOutputStream);
        outputStream.write(derOutputStream2.toByteArray());
    }

    public boolean equals(CertReqMsg certReqMsg) {
        if (certReqMsg == this) {
            return true;
        }
        try {
            DerOutputStream derOutputStream = new DerOutputStream();
            DerOutputStream derOutputStream2 = new DerOutputStream();
            encode(derOutputStream);
            DerValue derValue = new DerValue(derOutputStream.toByteArray());
            certReqMsg.encode(derOutputStream2);
            return derValue.equals(new DerValue(derOutputStream2.toByteArray()));
        } catch (Exception unused) {
            return false;
        }
    }

    @Override // com.ibm.security.cmputil.CMPDerObject
    public boolean equals(Object obj) {
        if (obj instanceof CertReqMsg) {
            return equals((CertReqMsg) obj);
        }
        return false;
    }

    public CertRequest getCertReq() {
        return (CertRequest) this.certReq.clone();
    }

    public ProofOfPossession getPOP() {
        if (this.pop == null) {
            return null;
        }
        return (ProofOfPossession) this.pop.clone();
    }

    public RegistrationInfo[] getRegInfo() {
        if (this.regInfo == null) {
            return null;
        }
        return (RegistrationInfo[]) this.regInfo.clone();
    }

    public CertReqMsg prove(PrivateKeyInfo privateKeyInfo) throws IOException, NoSuchAlgorithmException, KeyException, SignatureException {
        Signature signature;
        if (privateKeyInfo == null) {
            throw new IllegalArgumentException("CertReqMsg error, private key info not specified");
        }
        X500Name subject = this.certReq.getCertTemplate().getSubject();
        PublicKey publicKey = this.certReq.getCertTemplate().getPublicKey();
        if (subject == null || publicKey == null) {
            throw new IOException("CertReqMsg error, missing data for signing for ProofOfPossesion");
        }
        DerOutputStream derOutputStream = new DerOutputStream();
        try {
            this.certReq.encode(derOutputStream);
            byte[] byteArray = derOutputStream.toByteArray();
            AlgorithmId algorithmId = privateKeyInfo.getAlgorithmId();
            String name = algorithmId.getName();
            try {
                signature = Signature.getInstance(name, IBM_JCE_PROVIDER);
            } catch (NoSuchProviderException unused) {
                try {
                    signature = Signature.getInstance(name, IBM_JCA_PROVIDER);
                } catch (NoSuchProviderException unused2) {
                    signature = Signature.getInstance(name);
                }
            }
            signature.initSign(privateKeyInfo);
            signature.update(byteArray);
            POPOSigningKey pOPOSigningKey = new POPOSigningKey(null, algorithmId, signature.sign());
            pOPOSigningKey.encode(new DerOutputStream());
            ProofOfPossession proofOfPossession = new ProofOfPossession(1, pOPOSigningKey);
            CertReqMsg certReqMsg = (CertReqMsg) clone();
            certReqMsg.pop = proofOfPossession;
            return certReqMsg;
        } catch (IOException unused3) {
            throw new IOException("CertReqMsg error, unable to encode");
        }
    }

    @Override // com.ibm.security.cmputil.CMPDerObject
    public String toString() {
        String stringBuffer = new StringBuffer(String.valueOf("CertReqMsg:")).append("\r\n\tcert request: ").append(this.certReq.toString()).toString();
        String stringBuffer2 = this.pop == null ? new StringBuffer(String.valueOf(stringBuffer)).append("\r\n\tno pop").toString() : new StringBuffer(String.valueOf(stringBuffer)).append("\r\n\tpop: ").append(this.pop.toString()).toString();
        if (this.regInfo == null || this.regInfo.length == 0) {
            stringBuffer2 = new StringBuffer(String.valueOf(stringBuffer2)).append("\r\n\tNo registration info").toString();
        } else {
            for (int i = 0; i < this.regInfo.length; i++) {
                stringBuffer2 = new StringBuffer(String.valueOf(stringBuffer2)).append("\r\n\treg info[").append(i).append("]: ").append(this.regInfo[i]).toString();
            }
        }
        return stringBuffer2;
    }

    public boolean verify() throws IOException, NoSuchAlgorithmException, KeyException, SignatureException {
        Signature signature;
        if (this.pop == null) {
            throw new IOException("CertReqMsg error, pop not specified");
        }
        if (this.pop.getPOPType() != 1) {
            throw new IOException("CertReqMsg error, pop method not supported");
        }
        if (!(this.pop.getPOP() instanceof POPOSigningKey)) {
            throw new IOException("CertReqMsg error, invalid pop type");
        }
        POPOSigningKey pOPOSigningKey = (POPOSigningKey) this.pop.getPOP();
        AlgorithmId algorithmId = pOPOSigningKey.getAlgorithmId();
        byte[] signature2 = pOPOSigningKey.getSignature();
        try {
            signature = Signature.getInstance(algorithmId.getName(), IBM_JCE_PROVIDER);
        } catch (NoSuchProviderException unused) {
            try {
                signature = Signature.getInstance(algorithmId.getName(), IBM_JCA_PROVIDER);
            } catch (NoSuchProviderException unused2) {
                signature = Signature.getInstance(algorithmId.getName());
            }
        }
        if (this.certReq.getCertTemplate().getPublicKey() == null) {
            throw new IOException("CertReqMsg error, public key not specified");
        }
        signature.initVerify(this.certReq.getCertTemplate().getPublicKey());
        DerOutputStream derOutputStream = new DerOutputStream();
        this.certReq.encode(derOutputStream);
        signature.update(derOutputStream.toByteArray());
        return signature.verify(signature2);
    }
}
