package com.hastobe.transparenzsoftware.verification.format.sml;

import com.hastobe.transparenzsoftware.Utils;
import com.hastobe.transparenzsoftware.verification.ValidationException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/hastobe/transparenzsoftware/verification/format/sml/SMLSignatureVerifier.class */
public class SMLSignatureVerifier implements Verifier {
    private static final Logger LOGGER;
    private static final int PLUS_SIGN = 1;
    public static final String SIGNATURE_ALGORITHM = "NonewithECDSA";
    public static final int CROPPED_DATA_LENGTH = 24;
    public static final String ELLIPTIC_CURVE_ALGORITHM = "secp192r1";
    public static final String KEY_ALGORITHM = "EC";
    public static final int KEY_POINT_DATA_LENGTH = 24;
    public static final int PUBLIC_KEY_BYTES_LENGTH = 48;
    static final /* synthetic */ boolean $assertionsDisabled;

    public SMLSignatureVerifier() {
        Security.addProvider(new BouncyCastleProvider());
    }

    @Override // com.hastobe.transparenzsoftware.verification.format.sml.Verifier
    public boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) throws ValidationException {
        byte[] copyOfRange = Arrays.copyOfRange(bArr3, 0, 24);
        try {
            return initSignature(bArr, copyOfRange).verify(signatureToDER(bArr2));
        } catch (InvalidKeyException e) {
            throw new ValidationException("Invalid public key supplied", e);
        } catch (NoSuchAlgorithmException | NoSuchProviderException e2) {
            throw new ValidationException("Failure on initialising the crypto algorithms", e2);
        } catch (SignatureException e3) {
            throw new ValidationException("Invalid signature supplied", e3);
        }
    }

    private Signature initSignature(byte[] bArr, byte[] bArr2) throws NoSuchProviderException, NoSuchAlgorithmException, ValidationException, SignatureException, InvalidKeyException {
        if (!$assertionsDisabled && bArr2.length != 24) {
            throw new AssertionError();
        }
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM, "BC");
        signature.initVerify(getPublicKeyFromBytes(bArr));
        signature.update(bArr2);
        return signature;
    }

    public boolean verify(byte[] bArr, SMLSignature sMLSignature) throws ValidationException {
        return verify(bArr, Arrays.copyOfRange(sMLSignature.getProvidedSignature(), 0, 48), Arrays.copyOfRange(Utils.hashSHA256(sMLSignature.buildExtendedSignatureData()), 0, 24));
    }

    public static byte[] signatureToDER(byte[] bArr) {
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 0, bArr.length / 2);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr, bArr.length / 2, bArr.length);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(1, copyOfRange)));
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(1, copyOfRange2)));
        try {
            dEROutputStream.writeObject(new DERSequence(aSN1EncodableVector));
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            throw new RuntimeException("Could not create DER sequence");
        }
    }

    public static PublicKey getPublicKeyFromBytes(byte[] bArr) throws ValidationException {
        if (bArr.length != 48) {
            LOGGER.error("Invalid public key length received");
            throw new ValidationException("Public key is not 48 bytes long", "error.invalid.public.key");
        }
        try {
            return KeyFactory.getInstance(KEY_ALGORITHM, "BC").generatePublic(initPublicKeyCryptoSpecs(bArr));
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            LOGGER.error(e.getClass().getSimpleName() + " occurred when trying to get public key from raw bytes", e);
            throw new RuntimeException("Cannot calculate the public key failure in crypt library");
        } catch (InvalidKeySpecException | InvalidParameterSpecException e2) {
            throw new ValidationException("Could not create a public key", "error.invalid.public.key", e2);
        }
    }

    private static ECPublicKeySpec initPublicKeyCryptoSpecs(byte[] bArr) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidParameterSpecException {
        if (!$assertionsDisabled && bArr.length != 48) {
            throw new AssertionError();
        }
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(KEY_ALGORITHM, "BC");
        algorithmParameters.init(new ECGenParameterSpec("secp192r1"));
        return new ECPublicKeySpec(new ECPoint(getPointXKeyCurve(bArr), getPointYKeyCurve(bArr)), (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class));
    }

    private static BigInteger getPointXKeyCurve(byte[] bArr) {
        if (!$assertionsDisabled && bArr.length != 48) {
            throw new AssertionError();
        }
        byte[] bArr2 = new byte[24];
        System.arraycopy(bArr, 0, bArr2, 0, 24);
        return new BigInteger(1, bArr2);
    }

    private static BigInteger getPointYKeyCurve(byte[] bArr) {
        if (!$assertionsDisabled && bArr.length != 48) {
            throw new AssertionError();
        }
        byte[] bArr2 = new byte[24];
        System.arraycopy(bArr, 24, bArr2, 0, 24);
        return new BigInteger(1, bArr2);
    }

    static {
        $assertionsDisabled = !SMLSignatureVerifier.class.desiredAssertionStatus();
        LOGGER = LogManager.getLogger((Class<?>) SMLSignatureVerifier.class);
    }
}
