package cn.com.infosec.ipp.provider.asymmetric.rsa;

import cn.com.infosec.asn1.ASN1ObjectIdentifier;
import cn.com.infosec.asn1.ASN1Primitive;
import cn.com.infosec.asn1.nist.NISTObjectIdentifiers;
import cn.com.infosec.asn1.oiw.OIWObjectIdentifiers;
import cn.com.infosec.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.infosec.asn1.x509.DigestInfo;
import cn.com.infosec.crypto.AsymmetricBlockCipher;
import cn.com.infosec.crypto.Digest;
import cn.com.infosec.crypto.InvalidCipherTextException;
import cn.com.infosec.crypto.encodings.PKCS1Encoding;
import cn.com.infosec.crypto.engines.IPPRSACoreEngine;
import cn.com.infosec.crypto.params.RSAKeyParameters;
import cn.com.infosec.crypto.util.DigestFactory;
import cn.com.infosec.device.ipp.rsa.HashAlgType;
import cn.com.infosec.ipp.crypto.signers.IPPRSADigestSigner;
import cn.com.infosec.util.Arrays;
import java.io.ByteArrayOutputStream;
import java.security.AlgorithmParameters;
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.SignatureSpi;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;

/* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi.class */
public class IPPDigestSignatureSpi extends SignatureSpi {
    private IPPRSADigestSigner signer;
    private AsymmetricBlockCipher cipher;
    private ByteArrayOutputStream buf = new ByteArrayOutputStream();

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$MD5.class */
    public static class MD5 extends IPPDigestSignatureSpi {
        public MD5() {
            super(new IPPRSADigestSigner(HashAlgType.MD5));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SHA1.class */
    public static class SHA1 extends IPPDigestSignatureSpi {
        public SHA1() {
            super(new IPPRSADigestSigner(HashAlgType.SHA1));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SHA224.class */
    public static class SHA224 extends IPPDigestSignatureSpi {
        public SHA224() {
            super(new IPPRSADigestSigner(HashAlgType.SHA224));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SHA256.class */
    public static class SHA256 extends IPPDigestSignatureSpi {
        public SHA256() {
            super(new IPPRSADigestSigner(HashAlgType.SHA256));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SHA384.class */
    public static class SHA384 extends IPPDigestSignatureSpi {
        public SHA384() {
            super(new IPPRSADigestSigner(HashAlgType.SHA384));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SHA512.class */
    public static class SHA512 extends IPPDigestSignatureSpi {
        public SHA512() {
            super(new IPPRSADigestSigner(HashAlgType.SHA512));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SHA512_224.class */
    public static class SHA512_224 extends IPPDigestSignatureSpi {
        public SHA512_224() {
            super(new IPPRSADigestSigner(HashAlgType.SHA512_224));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SHA512_256.class */
    public static class SHA512_256 extends IPPDigestSignatureSpi {
        public SHA512_256() {
            super(new IPPRSADigestSigner(HashAlgType.SHA512_256));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$SM3.class */
    public static class SM3 extends IPPDigestSignatureSpi {
        public SM3() {
            super(new IPPRSADigestSigner(HashAlgType.SM3));
        }
    }

    /* loaded from: input_file:cn/com/infosec/ipp/provider/asymmetric/rsa/IPPDigestSignatureSpi$UNKNOWN.class */
    public static class UNKNOWN extends IPPDigestSignatureSpi {
        public UNKNOWN() {
            super(new PKCS1Encoding(new IPPRSACoreEngine()));
        }
    }

    protected IPPDigestSignatureSpi(IPPRSADigestSigner iPPRSADigestSigner) {
        this.signer = iPPRSADigestSigner;
    }

    public IPPDigestSignatureSpi(AsymmetricBlockCipher asymmetricBlockCipher) {
        this.cipher = asymmetricBlockCipher;
    }

    @Override // java.security.SignatureSpi
    protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
        if (!(publicKey instanceof RSAPublicKey)) {
            throw new InvalidKeyException("Supplied key (" + getType(publicKey) + ") is not a RSAPublicKey instance");
        }
        RSAKeyParameters generatePublicKeyParameter = RSAUtil.generatePublicKeyParameter((RSAPublicKey) publicKey);
        if (this.signer != null) {
            this.signer.init(false, generatePublicKeyParameter);
        } else if (this.cipher != null) {
            this.cipher.init(false, generatePublicKeyParameter);
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
        if (!(privateKey instanceof RSAPrivateKey)) {
            throw new InvalidKeyException("Supplied key (" + getType(privateKey) + ") is not a RSAPrivateKey instance");
        }
        this.signer.init(true, RSAUtil.generatePrivateKeyParameter((RSAPrivateKey) privateKey));
    }

    private String getType(Object obj) {
        if (obj == null) {
            return null;
        }
        return obj.getClass().getName();
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte b) throws SignatureException {
        this.buf.write(b);
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
        this.buf.write(bArr, i, i2);
    }

    @Override // java.security.SignatureSpi
    protected byte[] engineSign() throws SignatureException {
        if (this.buf.size() == 0) {
            throw new SignatureException("the input data size is 0");
        }
        try {
            byte[] byteArray = this.buf.toByteArray();
            this.buf.reset();
            return this.signer.generateSignature(byteArray);
        } catch (ArrayIndexOutOfBoundsException e) {
            throw new SignatureException("key too small for signature type");
        } catch (Exception e2) {
            throw new SignatureException(e2.toString());
        }
    }

    @Override // java.security.SignatureSpi
    protected boolean engineVerify(byte[] bArr) throws SignatureException {
        Digest create256_SM3;
        if (this.buf.size() == 0) {
            throw new SignatureException("the input data size is 0");
        }
        byte[] byteArray = this.buf.toByteArray();
        this.buf.reset();
        if (this.signer != null) {
            return this.signer.verifySignature(byteArray, bArr);
        }
        try {
            DigestInfo digestInfo = DigestInfo.getInstance(this.cipher.processBlock(bArr, 0, bArr.length));
            ASN1ObjectIdentifier algorithm = digestInfo.getAlgorithmId().getAlgorithm();
            if (algorithm.equals((ASN1Primitive) OIWObjectIdentifiers.idSHA1)) {
                create256_SM3 = DigestFactory.createSHA1();
            } else if (algorithm.equals((ASN1Primitive) NISTObjectIdentifiers.id_sha224)) {
                create256_SM3 = DigestFactory.createSHA224();
            } else if (algorithm.equals((ASN1Primitive) NISTObjectIdentifiers.id_sha256)) {
                create256_SM3 = DigestFactory.createSHA256();
            } else if (algorithm.equals((ASN1Primitive) NISTObjectIdentifiers.id_sha384)) {
                create256_SM3 = DigestFactory.createSHA384();
            } else if (algorithm.equals((ASN1Primitive) NISTObjectIdentifiers.id_sha512)) {
                create256_SM3 = DigestFactory.createSHA512();
            } else if (algorithm.equals((ASN1Primitive) PKCSObjectIdentifiers.md5)) {
                create256_SM3 = DigestFactory.createMD5();
            } else if (algorithm.equals((ASN1Primitive) NISTObjectIdentifiers.id_sha512_224)) {
                create256_SM3 = DigestFactory.createSHA512_224();
            } else if (algorithm.equals((ASN1Primitive) NISTObjectIdentifiers.id_sha512_256)) {
                create256_SM3 = DigestFactory.createSHA512_256();
            } else {
                if (!algorithm.equals((ASN1Primitive) PKCSObjectIdentifiers.id_sha256_sm3)) {
                    throw new SignatureException("hash unavailable with RSA.");
                }
                create256_SM3 = DigestFactory.create256_SM3();
            }
            byte[] bArr2 = new byte[create256_SM3.getDigestSize()];
            create256_SM3.update(byteArray, 0, byteArray.length);
            create256_SM3.doFinal(bArr2, 0);
            if (bArr2.length == digestInfo.getDigest().length) {
                return Arrays.constantTimeAreEqual(bArr2, digestInfo.getDigest());
            }
            return false;
        } catch (InvalidCipherTextException e) {
            return false;
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineSetParameter(AlgorithmParameterSpec algorithmParameterSpec) {
        throw new UnsupportedOperationException("engineSetParameter unsupported");
    }

    @Override // java.security.SignatureSpi
    protected void engineSetParameter(String str, Object obj) {
        throw new UnsupportedOperationException("engineSetParameter unsupported");
    }

    @Override // java.security.SignatureSpi
    protected Object engineGetParameter(String str) {
        return null;
    }

    @Override // java.security.SignatureSpi
    protected AlgorithmParameters engineGetParameters() {
        return null;
    }
}
