package se.digg.cose;

import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Arrays;

/* loaded from: input_file:se/digg/cose/SignCommon.class */
public abstract class SignCommon extends COSEObject {
    protected String contextString;

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] computeSignature(byte[] bArr, COSEKey cOSEKey) throws CoseException {
        return computeSignature(AlgorithmID.FromCBOR(findAttribute(HeaderKeys.Algorithm)), bArr, cOSEKey);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] computeSignature(AlgorithmID algorithmID, byte[] bArr, COSEKey cOSEKey) throws CoseException {
        String str;
        int i = 0;
        switch (algorithmID) {
            case ECDSA_256:
                str = "SHA256withECDSA";
                i = 32;
                break;
            case ECDSA_384:
                str = "SHA384withECDSA";
                i = 48;
                break;
            case ECDSA_512:
                str = "SHA512withECDSA";
                i = 66;
                break;
            case EDDSA:
                str = "NonewithEdDSA";
                break;
            case RSA_PSS_256:
                str = "SHA256withRSA/PSS";
                break;
            case RSA_PSS_384:
                str = "SHA384withRSA/PSS";
                break;
            case RSA_PSS_512:
                str = "SHA512withRSA/PSS";
                break;
            default:
                throw new CoseException("Unsupported Algorithm Specified");
        }
        if (cOSEKey == null) {
            throw new NullPointerException();
        }
        PrivateKey AsPrivateKey = cOSEKey.AsPrivateKey();
        if (AsPrivateKey == null) {
            throw new CoseException("Private key required to sign");
        }
        Provider provider = cOSEKey.getCryptoContext().getProvider();
        try {
            Signature signature = provider == null ? Signature.getInstance(str) : Signature.getInstance(str, provider);
            signature.initSign(AsPrivateKey);
            signature.update(bArr);
            byte[] sign = signature.sign();
            if (i > 0) {
                sign = convertDerToConcat(sign, i);
            }
            return sign;
        } catch (NoSuchAlgorithmException e) {
            throw new CoseException("Algorithm not supported", e);
        } catch (Exception e2) {
            throw new CoseException("Signature failure", e2);
        }
    }

    private static byte[] convertDerToConcat(byte[] bArr, int i) throws CoseException {
        byte[] bArr2 = new byte[i * 2];
        int i2 = 4;
        if (bArr[0] != 48) {
            throw new CoseException("Unexpected signature input");
        }
        if ((bArr[1] & 128) != 0) {
            i2 = 4 + (bArr[1] & 127);
        }
        int i3 = i2;
        int i4 = bArr[i3 - 1];
        int i5 = 0;
        if (i4 > i) {
            i3 += i4 - i;
            i4 = i;
        } else {
            i5 = i - i4;
        }
        System.arraycopy(bArr, i3, bArr2, i5, i4);
        int i6 = i3 + i4 + 2;
        int i7 = bArr[i6 - 1];
        int i8 = 0;
        if (i7 > i) {
            i6 += i7 - i;
            i7 = i;
        } else {
            i8 = i - i7;
        }
        System.arraycopy(bArr, i6, bArr2, i + i8, i7);
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean validateSignature(byte[] bArr, byte[] bArr2, COSEKey cOSEKey) throws CoseException {
        return validateSignature(AlgorithmID.FromCBOR(findAttribute(HeaderKeys.Algorithm)), bArr, bArr2, cOSEKey);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean validateSignature(AlgorithmID algorithmID, byte[] bArr, byte[] bArr2, COSEKey cOSEKey) throws CoseException {
        String str;
        boolean z = false;
        switch (algorithmID) {
            case ECDSA_256:
                str = "SHA256withECDSA";
                z = true;
                break;
            case ECDSA_384:
                str = "SHA384withECDSA";
                z = true;
                break;
            case ECDSA_512:
                str = "SHA512withECDSA";
                z = true;
                break;
            case EDDSA:
                str = "NonewithEdDSA";
                break;
            case RSA_PSS_256:
                str = "SHA256withRSA/PSS";
                break;
            case RSA_PSS_384:
                str = "SHA384withRSA/PSS";
                break;
            case RSA_PSS_512:
                str = "SHA512withRSA/PSS";
                break;
            default:
                throw new CoseException("Unsupported Algorithm Specified");
        }
        if (cOSEKey == null) {
            throw new NullPointerException();
        }
        PublicKey AsPublicKey = cOSEKey.AsPublicKey();
        if (AsPublicKey == null) {
            throw new CoseException("Public key required to verify");
        }
        Provider provider = cOSEKey.getCryptoContext().getProvider();
        try {
            Signature signature = provider == null ? Signature.getInstance(str) : Signature.getInstance(str, provider);
            signature.initVerify(AsPublicKey);
            signature.update(bArr);
            if (z) {
                bArr2 = convertConcatToDer(bArr2);
            }
            return signature.verify(bArr2);
        } catch (NoSuchAlgorithmException e) {
            throw new CoseException("Algorithm not supported", e);
        } catch (Exception e2) {
            throw new CoseException("Signature verification failure", e2);
        }
    }

    private static byte[] convertConcatToDer(byte[] bArr) throws CoseException {
        int length = bArr.length / 2;
        return ASN1.EncodeSignature(Arrays.copyOfRange(bArr, 0, length), Arrays.copyOfRange(bArr, length, bArr.length));
    }
}
