package edu.vt.middleware.crypt.signature;

import edu.vt.middleware.crypt.AbstractCli;
import edu.vt.middleware.crypt.CryptException;
import edu.vt.middleware.crypt.io.Base64FilterInputStream;
import edu.vt.middleware.crypt.io.HexFilterInputStream;
import edu.vt.middleware.crypt.util.AbstractEncodingConverter;
import edu.vt.middleware.crypt.util.Base64Converter;
import edu.vt.middleware.crypt.util.CryptReader;
import edu.vt.middleware.crypt.util.HexConverter;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;

/* loaded from: input_file:edu/vt/middleware/crypt/signature/SignatureCli.class */
public class SignatureCli extends AbstractCli {
    protected static final String OPT_ALG = "alg";
    protected static final String OPT_ENCODING = "encoding";
    protected static final String OPT_DIGEST = "digest";
    protected static final String OPT_KEY = "key";
    protected static final String OPT_SIGN = "sign";
    protected static final String OPT_VERIFY = "verify";
    private static final String COMMAND_NAME = "sign";

    public static void main(String[] strArr) {
        new SignatureCli().performAction(strArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.vt.middleware.crypt.AbstractCli
    public void initOptions() {
        super.initOptions();
        Option option = new Option(OPT_ALG, true, "signature algorithm; either DSA or RSA");
        option.setArgName("name");
        option.setOptionalArg(false);
        Option option2 = new Option(OPT_KEY, true, "DER-encoded PKCS#8 private key for signing or X.509 cert/public key for verification");
        option2.setArgName("filepath");
        option2.setOptionalArg(false);
        Option option3 = new Option("in", true, "file to sign/verify; defaults to STDIN");
        option3.setArgName("filepath");
        option3.setOptionalArg(false);
        Option option4 = new Option(OPT_DIGEST, true, "message digest algorithm used to produce encoded message to sign");
        option4.setArgName("algname");
        option4.setOptionalArg(false);
        Option option5 = new Option(OPT_ENCODING, true, "signature encoding format, either base64 or hex");
        option5.setArgName("format");
        option5.setOptionalArg(false);
        Option option6 = new Option(OPT_VERIFY, true, "verify signature in given file; signature encoding determined by -encoding option");
        option5.setArgName("sigfilepath");
        option5.setOptionalArg(false);
        this.options.addOption(option);
        this.options.addOption(option2);
        this.options.addOption(option3);
        this.options.addOption(option4);
        this.options.addOption(option5);
        this.options.addOption(option6);
        this.options.addOption(new Option("sign", "perform sign operation"));
    }

    @Override // edu.vt.middleware.crypt.AbstractCli
    protected void dispatch(CommandLine commandLine) throws Exception {
        if (commandLine.hasOption("sign")) {
            sign(commandLine);
        } else if (commandLine.hasOption(OPT_VERIFY)) {
            verify(commandLine);
        } else {
            printHelp();
        }
    }

    @Override // edu.vt.middleware.crypt.AbstractCli
    protected String getCommandName() {
        return "sign";
    }

    protected SignatureAlgorithm newInstance(CommandLine commandLine) {
        return commandLine.hasOption(OPT_DIGEST) ? SignatureAlgorithm.newInstance(commandLine.getOptionValue(OPT_ALG), commandLine.getOptionValue(OPT_DIGEST)) : SignatureAlgorithm.newInstance(commandLine.getOptionValue(OPT_ALG));
    }

    protected void sign(CommandLine commandLine) throws Exception {
        AbstractEncodingConverter hexConverter;
        validateOptions(commandLine);
        SignatureAlgorithm newInstance = newInstance(commandLine);
        System.err.println("Reading private key from " + new File(commandLine.getOptionValue(OPT_KEY)));
        newInstance.setSignKey(readPrivateKey(commandLine));
        newInstance.initSign();
        InputStream inputStream = getInputStream(commandLine);
        byte[] sign = newInstance.sign(getInputStream(commandLine));
        closeStream(inputStream);
        if (!commandLine.hasOption(OPT_ENCODING)) {
            System.out.print(sign);
            return;
        }
        String optionValue = commandLine.getOptionValue(OPT_ENCODING);
        if ("base64".equals(optionValue)) {
            hexConverter = new Base64Converter();
        } else {
            if (!"hex".equals(optionValue)) {
                throw new IllegalArgumentException("Unknown encoding.");
            }
            hexConverter = new HexConverter();
        }
        System.out.println(hexConverter.fromBytes(sign));
    }

    protected void verify(CommandLine commandLine) throws Exception {
        validateOptions(commandLine);
        InputStream inputStream = getInputStream(commandLine);
        SignatureAlgorithm newInstance = newInstance(commandLine);
        newInstance.setVerifyKey(readPublicKey(commandLine));
        newInstance.initVerify();
        try {
            boolean verify = newInstance.verify(inputStream, readSignature(commandLine));
            closeStream(inputStream);
            if (verify) {
                System.out.println("SUCCESS -- signature verified.");
            } else {
                System.out.println("FAILURE -- signature does not match.");
            }
        } catch (Throwable th) {
            closeStream(inputStream);
            throw th;
        }
    }

    protected PublicKey readPublicKey(CommandLine commandLine) throws Exception {
        PublicKey readPublicKey;
        File file = new File(commandLine.getOptionValue(OPT_KEY));
        System.err.println("Reading public key from " + file);
        try {
            readPublicKey = CryptReader.readCertificate(file).getPublicKey();
        } catch (Exception e) {
            readPublicKey = CryptReader.readPublicKey(file);
        }
        return readPublicKey;
    }

    protected PrivateKey readPrivateKey(CommandLine commandLine) throws CryptException, IOException {
        return CryptReader.readPrivateKey(new File(commandLine.getOptionValue(OPT_KEY)));
    }

    protected byte[] readSignature(CommandLine commandLine) throws IOException {
        InputStream inputStream = getInputStream(commandLine, OPT_VERIFY);
        if (commandLine.hasOption(OPT_ENCODING)) {
            String optionValue = commandLine.getOptionValue(OPT_ENCODING);
            if ("base64".equals(optionValue)) {
                inputStream = new Base64FilterInputStream(inputStream);
            } else {
                if (!"hex".equals(optionValue)) {
                    throw new IllegalArgumentException("Unknown encoding.");
                }
                inputStream = new HexFilterInputStream(inputStream);
            }
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[1024];
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    protected void validateOptions(CommandLine commandLine) {
        if (!commandLine.hasOption(OPT_ALG)) {
            throw new IllegalArgumentException("alg option is required.");
        }
        if (!commandLine.hasOption(OPT_KEY)) {
            throw new IllegalArgumentException("key option is required.");
        }
    }
}
