package cfca.sadk.asn1.pkcs;

import cfca.sadk.algorithm.common.MechanismKit;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.lib.crypto.bcsoft.BCSoftLib;
import cfca.sadk.org.bouncycastle.asn1.ASN1Encoding;
import cfca.sadk.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import cfca.sadk.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cfca.sadk.org.bouncycastle.openssl.PEMParser;
import cfca.sadk.org.bouncycastle.pkcs.PKCS10CertificationRequest;
import cfca.sadk.org.bouncycastle.util.Arrays;
import cfca.sadk.org.bouncycastle.util.Strings;
import cfca.sadk.system.SADKDebugger;
import cfca.sadk.system.logging.LoggerManager;
import cfca.sadk.util.Base64;
import cfca.sadk.util.Signature;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;

/* loaded from: input_file:cfca/sadk/asn1/pkcs/CSRDecoder.class */
abstract class CSRDecoder {
    private static final String CHARSET = "ASCII";
    private static final int MIN_LENGTH = 100;
    static final String HEADLINE_CERTIFICATE_REQUEST = "CERTIFICATE REQUEST";

    CSRDecoder() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final PKCS10CertificationRequest decodedCertificationRequest(byte[] bArr) throws PKIException {
        PKCS10CertificationRequest decodedPKCS10CertificationRequestFromPEM;
        if (bArr == null) {
            throw new PKIException("decodedCertificationRequest  failed: p10Data==null");
        }
        if (bArr.length < 100) {
            throw new PKIException("decodedCertificationRequest  failed: p10Data<100");
        }
        if (bArr[0] == 48) {
            decodedPKCS10CertificationRequestFromPEM = decodedPKCS10CertificationRequestFromDER(bArr);
        } else {
            String trim = Strings.fromByteArray(Arrays.copyOfRange(bArr, 0, 100)).trim();
            if (trim.charAt(0) == 'M') {
                decodedPKCS10CertificationRequestFromPEM = decodedPKCS10CertificationRequestFromBase64(bArr);
            } else {
                if (trim.indexOf(HEADLINE_CERTIFICATE_REQUEST) <= 0) {
                    throw new PKIException("decodedCertificationRequest  failed: PKCS10CertificationRequest malformed base64P10Data");
                }
                decodedPKCS10CertificationRequestFromPEM = decodedPKCS10CertificationRequestFromPEM(bArr);
            }
        }
        return decodedPKCS10CertificationRequestFromPEM;
    }

    private static final PKCS10CertificationRequest decodedPKCS10CertificationRequestFromDER(byte[] bArr) throws PKIException {
        try {
            return new PKCS10CertificationRequest(bArr);
        } catch (Exception e) {
            LoggerManager.exceptionLogger.error("decodedCertificationRequest  failed: malformed asn1P10Data=" + SADKDebugger.dump(bArr), e);
            throw new PKIException("decodedCertificationRequest  failed: malformed asn1P10Data", e);
        }
    }

    private static final PKCS10CertificationRequest decodedPKCS10CertificationRequestFromBase64(byte[] bArr) throws PKIException {
        try {
            byte[] decode = Base64.decode(bArr);
            try {
                return new PKCS10CertificationRequest(decode);
            } catch (Exception e) {
                LoggerManager.exceptionLogger.error("decodedCertificationRequest  failed: malformed base64P10Data=" + SADKDebugger.dumpBase64(decode), e);
                throw new PKIException("decodedCertificationRequest  failed: malformed base64P10Data", e);
            }
        } catch (Exception e2) {
            LoggerManager.exceptionLogger.error("decodedCertificationRequest  failed: malformed base64P10Data=" + SADKDebugger.dumpBase64(bArr), e2);
            throw new PKIException("decodedCertificationRequest  failed: malformed base64P10Data", e2);
        }
    }

    private static final PKCS10CertificationRequest decodedPKCS10CertificationRequestFromPEM(byte[] bArr) throws PKIException {
        try {
            PEMParser pEMParser = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bArr), "ASCII"));
            Object readObject = pEMParser.readObject();
            pEMParser.close();
            if (readObject instanceof PKCS10CertificationRequest) {
                return (PKCS10CertificationRequest) readObject;
            }
            LoggerManager.exceptionLogger.error("decodedCertificationRequest  failed: PKCS10CertificationRequest malformed pemP10Data=" + SADKDebugger.dumpBase64(bArr));
            throw new PKIException("decodedCertificationRequest  failed: PKCS10CertificationRequest malformed pemP10Data");
        } catch (IOException e) {
            LoggerManager.exceptionLogger.error("decodedCertificationRequest  failed: PKCS10CertificationRequest malformed pemP10Data=" + SADKDebugger.dumpBase64(bArr));
            throw new PKIException("decodedCertificationRequest  failed: PKCS10CertificationRequest malformed pemP10Data", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final boolean isP10RequestSignatureValid(byte[] bArr) throws PKIException {
        PKCS10CertificationRequest decodedCertificationRequest = decodedCertificationRequest(bArr);
        try {
            byte[] encoded = decodedCertificationRequest.toASN1Structure().getCertificationRequestInfo().getEncoded(ASN1Encoding.DER);
            try {
                try {
                    try {
                        try {
                            boolean p1VerifyMessage = new Signature().p1VerifyMessage(getValidSignatureAlgName(decodedCertificationRequest.getSignatureAlgorithm()), encoded, Base64.encode(decodedCertificationRequest.getSignature()), CSRPublicKeyHelper.buildPublicKeyFrom(decodedCertificationRequest.getSubjectPublicKeyInfo()), BCSoftLib.INSTANCE());
                            if (!p1VerifyMessage) {
                                LoggerManager.exceptionLogger.error("isP10RequestSignatureValid  failed: p1VerifyMessage False-->" + SADKDebugger.dump(bArr));
                            }
                            return p1VerifyMessage;
                        } catch (PKIException e) {
                            LoggerManager.exceptionLogger.error("isP10RequestSignatureValid  failed: p1VerifyMessage failure-->" + SADKDebugger.dump(bArr), e);
                            throw new PKIException("isP10RequestSignatureValid  failed: p1VerifyMessage failure", e);
                        } catch (Exception e2) {
                            LoggerManager.exceptionLogger.error("isP10RequestSignatureValid  failed: p1VerifyMessage failure-->" + SADKDebugger.dump(bArr), e2);
                            throw new PKIException("isP10RequestSignatureValid  failed: p1VerifyMessage failure", e2);
                        } catch (Throwable th) {
                            LoggerManager.exceptionLogger.error("isP10RequestSignatureValid  failed: p1VerifyMessage failure-->" + SADKDebugger.dump(bArr), th);
                            throw new PKIException("isP10RequestSignatureValid  failed: p1VerifyMessage failure", th);
                        }
                    } catch (Exception e3) {
                        throw new PKIException("isP10RequestSignatureValid  failed: signature get failure", e3);
                    }
                } catch (PKIException e4) {
                    throw new PKIException("isP10RequestSignatureValid  failed: PublicKey get failure", e4);
                }
            } catch (PKIException e5) {
                throw new PKIException("isP10RequestSignatureValid  failed: sigAlgName get failure", e5);
            }
        } catch (IOException e6) {
            throw new PKIException("isP10RequestSignatureValid  failed: sourceData get failure");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final String getSubjectFromP10Request(byte[] bArr) throws PKIException {
        try {
            return decodedCertificationRequest(bArr).getSubject().toString();
        } catch (Exception e) {
            throw new PKIException("getSubjectFromP10Request Failure: " + e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final String getSignatureAlgorithmFromP10Request(byte[] bArr) throws PKIException {
        return getValidSignatureAlgName(decodedCertificationRequest(bArr).getSignatureAlgorithm());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final byte[] getSignatureFromP10Request(byte[] bArr) throws PKIException {
        return decodedCertificationRequest(bArr).getSignature();
    }

    static final String getValidSignatureAlgName(AlgorithmIdentifier algorithmIdentifier) throws PKIException {
        if (algorithmIdentifier == null) {
            throw new PKIException("getValidSignatureAlgName  failed: signatureAlgorithm==null");
        }
        ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
        if (algorithm == null) {
            throw new PKIException("getValidSignatureAlgName  failed: algorithm==null");
        }
        String str = MechanismKit.OIDALGMap.get(algorithm);
        if (str == null) {
            throw new PKIException("getValidSignatureAlgName  failed:  dot not support algorithmName=" + algorithmIdentifier);
        }
        return str;
    }
}
