package org.mozilla.jss.pkix.crmf;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.text.DateFormat;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.asn1.ASN1Template;
import org.mozilla.jss.asn1.ASN1Value;
import org.mozilla.jss.asn1.BIT_STRING;
import org.mozilla.jss.asn1.InvalidBERException;
import org.mozilla.jss.asn1.SEQUENCE;
import org.mozilla.jss.asn1.Tag;
import org.mozilla.jss.crypto.InvalidKeyFormatException;
import org.mozilla.jss.crypto.Signature;
import org.mozilla.jss.crypto.SignatureAlgorithm;
import org.mozilla.jss.crypto.TokenException;
import org.mozilla.jss.pkix.crmf.CertRequest;
import org.mozilla.jss.pkix.crmf.POPOPrivKey;
import org.mozilla.jss.pkix.crmf.ProofOfPossession;
import org.mozilla.jss.pkix.primitive.AVA;
import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier;
import org.mozilla.jss.util.Assert;

/* loaded from: input_file:116287-13/SUNWascmo/reloc/$ASINSTDIR/lib/appserv-rt.jar:org/mozilla/jss/pkix/crmf/CertReqMsg.class */
public class CertReqMsg implements ASN1Value {
    private CertRequest certReq;
    private SEQUENCE regInfo;
    private ProofOfPossession pop;
    public static final Tag TAG = SEQUENCE.TAG;
    private static final Template templateInstance = new Template();

    /* loaded from: input_file:116287-13/SUNWascmo/reloc/$ASINSTDIR/lib/appserv-rt.jar:org/mozilla/jss/pkix/crmf/CertReqMsg$Template.class */
    public static class Template implements ASN1Template {
        @Override // org.mozilla.jss.asn1.ASN1Template
        public ASN1Value decode(InputStream inputStream) throws IOException, InvalidBERException {
            return decode(CertReqMsg.TAG, inputStream);
        }

        @Override // org.mozilla.jss.asn1.ASN1Template
        public ASN1Value decode(Tag tag, InputStream inputStream) throws IOException, InvalidBERException {
            SEQUENCE.Template template = new SEQUENCE.Template();
            template.addElement(new CertRequest.Template());
            template.addOptionalElement(new ProofOfPossession.Template());
            template.addOptionalElement(new SEQUENCE.OF_Template(new AVA.Template()));
            SEQUENCE sequence = (SEQUENCE) template.decode(tag, inputStream);
            return new CertReqMsg((CertRequest) sequence.elementAt(0), (ProofOfPossession) sequence.elementAt(1), (SEQUENCE) sequence.elementAt(2));
        }

        @Override // org.mozilla.jss.asn1.ASN1Template
        public boolean tagMatch(Tag tag) {
            return CertReqMsg.TAG.equals(tag);
        }
    }

    private CertReqMsg() {
        this.pop = null;
    }

    public CertReqMsg(CertRequest certRequest, ProofOfPossession proofOfPossession, SEQUENCE sequence) {
        this.pop = null;
        this.certReq = certRequest;
        this.pop = proofOfPossession;
        this.regInfo = sequence;
    }

    @Override // org.mozilla.jss.asn1.ASN1Value
    public void encode(OutputStream outputStream) throws IOException {
        encode(getTag(), outputStream);
    }

    @Override // org.mozilla.jss.asn1.ASN1Value
    public void encode(Tag tag, OutputStream outputStream) throws IOException {
        SEQUENCE sequence = new SEQUENCE();
        sequence.addElement(this.certReq);
        if (this.pop != null) {
            sequence.addElement(this.pop);
        }
        if (this.regInfo != null) {
            sequence.addElement(this.regInfo);
        }
        sequence.encode(tag, outputStream);
    }

    public CertRequest getCertReq() {
        return this.certReq;
    }

    public ProofOfPossession getPop() {
        Assert.m2308assert(this.pop != null);
        return this.pop;
    }

    public SEQUENCE getRegInfo() {
        Assert.m2308assert(this.regInfo != null);
        return this.regInfo;
    }

    @Override // org.mozilla.jss.asn1.ASN1Value
    public Tag getTag() {
        return TAG;
    }

    public static Template getTemplate() {
        return templateInstance;
    }

    public boolean hasPop() {
        return this.pop != null;
    }

    public boolean hasRegInfo() {
        return this.regInfo != null;
    }

    public static void main(String[] strArr) {
        try {
            if (strArr.length < 1) {
                System.err.println("Give an arg");
                System.exit(0);
            }
            FileInputStream fileInputStream = new FileInputStream(strArr[0]);
            SEQUENCE.OF_Template oF_Template = new SEQUENCE.OF_Template(new Template());
            SEQUENCE sequence = null;
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            for (int i = 0; i < 1; i++) {
                sequence = (SEQUENCE) oF_Template.decode(new ByteArrayInputStream(bArr));
            }
            System.out.println(new StringBuffer("Decoded ").append(sequence.size()).append(" messages").toString());
            CertRequest certReq = ((CertReqMsg) sequence.elementAt(0)).getCertReq();
            System.out.println(new StringBuffer("Request ID: ").append(certReq.getCertReqId()).toString());
            CertTemplate certTemplate = certReq.getCertTemplate();
            if (certTemplate.hasVersion()) {
                System.out.println(new StringBuffer("Version: ").append(certTemplate.getVersion()).toString());
            } else {
                System.out.println("No version");
            }
            if (certTemplate.hasSerialNumber()) {
                System.out.println(new StringBuffer("Serial Number: ").append(certTemplate.getSerialNumber()).toString());
            } else {
                System.out.println("No serial number");
            }
            if (certTemplate.hasSigningAlg()) {
                System.out.println(new StringBuffer("SigningAlg: ").append(certTemplate.getSigningAlg().getOID()).toString());
            } else {
                System.out.println("No signing alg");
            }
            if (certTemplate.hasIssuer()) {
                System.out.println(new StringBuffer("Issuer: ").append(certTemplate.getIssuer().getRFC1485()).toString());
            } else {
                System.out.println("No issuer");
            }
            if (certTemplate.hasSubject()) {
                System.out.println(new StringBuffer("Subject: ").append(certTemplate.getSubject().getRFC1485()).toString());
            } else {
                System.out.println("No subject: ");
            }
            if (certTemplate.hasPublicKey()) {
                System.out.println(new StringBuffer("Public Key: ").append(certTemplate.getPublicKey().getAlgorithmIdentifier().getOID()).toString());
            } else {
                System.out.println("No public key");
            }
            if (certTemplate.hasIssuerUID()) {
                System.out.println(new StringBuffer("Issuer UID: ").append(new BigInteger(certTemplate.getIssuerUID().getBits())).toString());
            } else {
                System.out.println("no issuer uid");
            }
            if (certTemplate.hasSubjectUID()) {
                System.out.println(new StringBuffer("Subject UID: ").append(new BigInteger(certTemplate.getIssuerUID().getBits())).toString());
            } else {
                System.out.println("no subject uid");
            }
            if (certTemplate.hasNotBefore()) {
                System.out.println(new StringBuffer("Not Before: ").append(DateFormat.getInstance().format(certTemplate.getNotBefore())).toString());
            }
            if (certTemplate.hasNotAfter()) {
                System.out.println(new StringBuffer("Not After: ").append(DateFormat.getInstance().format(certTemplate.getNotAfter())).toString());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public void verify() throws SignatureException, InvalidKeyFormatException, NoSuchAlgorithmException, CryptoManager.NotInitializedException, TokenException, InvalidKeyException, IOException {
        POPOPrivKey.Type type;
        ProofOfPossession.Type type2 = this.pop.getType();
        if (type2 != ProofOfPossession.SIGNATURE) {
            if (type2 == ProofOfPossession.KEY_ENCIPHERMENT && (type = this.pop.getKeyEncipherment().getType()) != POPOPrivKey.THIS_MESSAGE && type == POPOPrivKey.SUBSEQUENT_MESSAGE) {
                new ChallengeResponseException("requested");
                return;
            }
            return;
        }
        POPOSigningKey signature = this.pop.getSignature();
        AlgorithmIdentifier algorithmIdentifier = signature.getAlgorithmIdentifier();
        BIT_STRING signature2 = signature.getSignature();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.certReq.encode(byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        PublicKey publicKey = null;
        CertTemplate certTemplate = this.certReq.getCertTemplate();
        if (certTemplate.hasPublicKey()) {
            publicKey = certTemplate.getPublicKey().toPublicKey();
        }
        Signature signatureContext = CryptoManager.getInstance().getInternalCryptoToken().getSignatureContext(SignatureAlgorithm.fromOID(algorithmIdentifier.getOID()));
        signatureContext.initVerify(publicKey);
        signatureContext.update(byteArray);
        if (!signatureContext.verify(signature2.getBits())) {
            throw new SignatureException("Signed request information does not match signature in POP");
        }
    }
}
