package org.bouncycastle.tls.crypto.impl.jcajce;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.tls.SignatureAndHashAlgorithm;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsUtils;
import org.bouncycastle.tls.crypto.TlsSigner;

/* loaded from: classes5.dex */
public class JcaTlsRSASigner implements TlsSigner {
    public final JcaTlsCrypto crypto;
    public final PrivateKey privateKey;
    public final PublicKey publicKey;
    public Signature rawSigner = null;

    public JcaTlsRSASigner(JcaTlsCrypto jcaTlsCrypto, PrivateKey privateKey, PublicKey publicKey) {
        if (jcaTlsCrypto == null) {
            throw new NullPointerException("crypto");
        }
        if (privateKey == null) {
            throw new NullPointerException("privateKey");
        }
        this.crypto = jcaTlsCrypto;
        this.privateKey = privateKey;
        this.publicKey = publicKey;
    }

    @Override // org.bouncycastle.tls.crypto.TlsSigner
    public final byte[] generateRawSignature(SignatureAndHashAlgorithm signatureAndHashAlgorithm, byte[] bArr) throws IOException {
        try {
            try {
                if (this.rawSigner == null) {
                    Signature createSignature = this.crypto.helper.createSignature("NoneWithRSA");
                    this.rawSigner = createSignature;
                    createSignature.initSign(this.privateKey, this.crypto.entropySource);
                }
                Signature signature = this.rawSigner;
                if (signatureAndHashAlgorithm != null) {
                    if (signatureAndHashAlgorithm.signature != 1) {
                        throw new IllegalStateException("Invalid algorithm: " + signatureAndHashAlgorithm);
                    }
                    bArr = new DigestInfo(new AlgorithmIdentifier(TlsUtils.getOIDForHashAlgorithm(signatureAndHashAlgorithm.hash), DERNull.INSTANCE), bArr).getEncoded();
                }
                signature.update(bArr, 0, bArr.length);
                byte[] sign = signature.sign();
                signature.initVerify(this.publicKey);
                signature.update(bArr, 0, bArr.length);
                boolean verify = signature.verify(sign);
                this.rawSigner = null;
                if (verify) {
                    return sign;
                }
                throw new TlsFatalAlert((short) 80);
            } catch (GeneralSecurityException e) {
                throw new TlsFatalAlert((short) 80, (Throwable) e);
            }
        } catch (Throwable th) {
            this.rawSigner = null;
            throw th;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x0038, code lost:
    
        if ("SunMSCAPI".equals(r0.getName()) != false) goto L16;
     */
    @Override // org.bouncycastle.tls.crypto.TlsSigner
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final org.bouncycastle.tls.crypto.TlsStreamSigner getStreamSigner(org.bouncycastle.tls.SignatureAndHashAlgorithm r6) throws java.io.IOException {
        /*
            r5 = this;
            if (r6 == 0) goto L6f
            short r0 = r6.signature
            r1 = 1
            if (r1 != r0) goto L6f
            boolean r0 = org.bouncycastle.tls.crypto.impl.jcajce.JcaUtils.isSunMSCAPIProviderActive()
            if (r0 == 0) goto L6f
            java.security.Signature r0 = r5.rawSigner     // Catch: java.security.GeneralSecurityException -> L3d
            if (r0 != 0) goto L26
            org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto r0 = r5.crypto     // Catch: java.security.GeneralSecurityException -> L3d
            org.bouncycastle.jcajce.util.JcaJceHelper r0 = r0.helper     // Catch: java.security.GeneralSecurityException -> L3d
            java.lang.String r2 = "NoneWithRSA"
            java.security.Signature r0 = r0.createSignature(r2)     // Catch: java.security.GeneralSecurityException -> L3d
            r5.rawSigner = r0     // Catch: java.security.GeneralSecurityException -> L3d
            java.security.PrivateKey r2 = r5.privateKey     // Catch: java.security.GeneralSecurityException -> L3d
            org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto r3 = r5.crypto     // Catch: java.security.GeneralSecurityException -> L3d
            java.security.SecureRandom r3 = r3.entropySource     // Catch: java.security.GeneralSecurityException -> L3d
            r0.initSign(r2, r3)     // Catch: java.security.GeneralSecurityException -> L3d
        L26:
            java.security.Signature r0 = r5.rawSigner     // Catch: java.security.GeneralSecurityException -> L3d
            java.security.Provider r0 = r0.getProvider()     // Catch: java.security.GeneralSecurityException -> L3d
            if (r0 == 0) goto L3b
            java.lang.String r0 = r0.getName()     // Catch: java.security.GeneralSecurityException -> L3d
            java.lang.String r2 = "SunMSCAPI"
            boolean r0 = r2.equals(r0)     // Catch: java.security.GeneralSecurityException -> L3d
            if (r0 == 0) goto L3b
            goto L3d
        L3b:
            r0 = 0
            r1 = r0
        L3d:
            if (r1 == 0) goto L6f
            org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto r0 = r5.crypto
            java.security.PrivateKey r1 = r5.privateKey
            java.security.PublicKey r2 = r5.publicKey
            r0.getClass()
            java.lang.String r6 = org.bouncycastle.tls.crypto.impl.jcajce.JcaUtils.getJcaAlgorithmName(r6)
            org.bouncycastle.jcajce.util.JcaJceHelper r3 = r0.helper     // Catch: java.security.GeneralSecurityException -> L66
            java.security.Signature r3 = r3.createSignature(r6)     // Catch: java.security.GeneralSecurityException -> L66
            org.bouncycastle.jcajce.util.JcaJceHelper r4 = r0.helper     // Catch: java.security.GeneralSecurityException -> L66
            java.security.Signature r6 = r4.createSignature(r6)     // Catch: java.security.GeneralSecurityException -> L66
            java.security.SecureRandom r0 = r0.entropySource     // Catch: java.security.GeneralSecurityException -> L66
            r3.initSign(r1, r0)     // Catch: java.security.GeneralSecurityException -> L66
            r6.initVerify(r2)     // Catch: java.security.GeneralSecurityException -> L66
            org.bouncycastle.tls.crypto.impl.jcajce.JcaVerifyingStreamSigner r0 = new org.bouncycastle.tls.crypto.impl.jcajce.JcaVerifyingStreamSigner     // Catch: java.security.GeneralSecurityException -> L66
            r0.<init>(r3, r6)     // Catch: java.security.GeneralSecurityException -> L66
            return r0
        L66:
            r6 = move-exception
            org.bouncycastle.tls.TlsFatalAlert r0 = new org.bouncycastle.tls.TlsFatalAlert
            r1 = 80
            r0.<init>(r1, r6)
            throw r0
        L6f:
            r6 = 0
            return r6
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsRSASigner.getStreamSigner(org.bouncycastle.tls.SignatureAndHashAlgorithm):org.bouncycastle.tls.crypto.TlsStreamSigner");
    }
}
