package COSE;

import com.upokecenter.cbor.CBORObject;
import com.upokecenter.cbor.CBORType;
import java.math.BigInteger;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SHA384Digest;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.ECDSASigner;

/* loaded from: input_file:COSE/Signer.class */
public class Signer extends Attribute {
    protected byte[] rgbSignature;
    protected String contextString = "Signature";
    OneKey cnKey;

    public Signer() {
    }

    public Signer(OneKey oneKey) {
        this.cnKey = oneKey;
    }

    public void clearKey() {
        this.cnKey = null;
    }

    @Deprecated
    public void setKey(CBORObject cBORObject) throws CoseException {
        this.cnKey = new OneKey(cBORObject);
        setupKey(this.cnKey);
    }

    public void setKey(OneKey oneKey) throws CoseException {
        setupKey(oneKey);
    }

    private void setupKey(OneKey oneKey) throws CoseException {
        this.cnKey = oneKey;
        if (this.rgbSignature != null) {
            return;
        }
        CBORObject cBORObject = oneKey.get(KeyKeys.Algorithm);
        if (cBORObject != null && findAttribute(HeaderKeys.Algorithm) == null) {
            addAttribute(HeaderKeys.Algorithm, cBORObject, 1);
        }
        CBORObject cBORObject2 = oneKey.get(KeyKeys.KeyId);
        if (cBORObject2 == null || findAttribute(HeaderKeys.KID) != null) {
            return;
        }
        addAttribute(HeaderKeys.KID, cBORObject2, 2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void DecodeFromCBORObject(CBORObject cBORObject) throws CoseException {
        if (cBORObject.getType() != CBORType.Array) {
            throw new CoseException("Invalid Signer structure");
        }
        if (cBORObject.size() != 3) {
            throw new CoseException("Invalid Signer structure");
        }
        if (cBORObject.get(0).getType() != CBORType.ByteString) {
            throw new CoseException("Invalid Signer structure");
        }
        this.rgbProtected = cBORObject.get(0).GetByteString();
        if (this.rgbProtected.length == 0) {
            this.objProtected = CBORObject.NewMap();
        } else {
            this.objProtected = CBORObject.DecodeFromBytes(this.rgbProtected);
            if (this.objProtected.size() == 0) {
                this.rgbProtected = new byte[0];
            }
        }
        if (cBORObject.get(1).getType() != CBORType.Map) {
            throw new CoseException("Invalid Signer structure");
        }
        this.objUnprotected = cBORObject.get(1);
        if (cBORObject.get(2).getType() == CBORType.ByteString) {
            this.rgbSignature = cBORObject.get(2).GetByteString();
        } else if (!cBORObject.get(2).isNull()) {
            throw new CoseException("Invalid Signer structure");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CBORObject EncodeToCBORObject() throws CoseException {
        if (this.rgbSignature == null) {
            throw new CoseException("Message not yet signed");
        }
        if (this.rgbProtected == null) {
            throw new CoseException("Internal Error");
        }
        CBORObject NewArray = CBORObject.NewArray();
        NewArray.Add(this.rgbProtected);
        NewArray.Add(this.objUnprotected);
        NewArray.Add(this.rgbSignature);
        return NewArray;
    }

    public void sign(byte[] bArr, byte[] bArr2) throws CoseException {
        if (this.rgbProtected == null) {
            if (this.objProtected.size() == 0) {
                this.rgbProtected = new byte[0];
            } else {
                this.rgbProtected = this.objProtected.EncodeToBytes();
            }
        }
        CBORObject NewArray = CBORObject.NewArray();
        NewArray.Add(this.contextString);
        NewArray.Add(bArr);
        NewArray.Add(this.rgbProtected);
        NewArray.Add(this.externalData);
        NewArray.Add(bArr2);
        this.rgbSignature = computeSignature(AlgorithmID.FromCBOR(findAttribute(HeaderKeys.Algorithm)), NewArray.EncodeToBytes(), this.cnKey);
    }

    public boolean validate(byte[] bArr, byte[] bArr2) throws CoseException {
        CBORObject NewArray = CBORObject.NewArray();
        NewArray.Add(this.contextString);
        NewArray.Add(bArr);
        NewArray.Add(this.rgbProtected);
        NewArray.Add(this.externalData);
        NewArray.Add(bArr2);
        return validateSignature(AlgorithmID.FromCBOR(findAttribute(HeaderKeys.Algorithm)), NewArray.EncodeToBytes(), this.rgbSignature, this.cnKey);
    }

    static byte[] computeSignature(AlgorithmID algorithmID, byte[] bArr, OneKey oneKey) throws CoseException {
        SHA256Digest sHA512Digest;
        switch (algorithmID) {
            case ECDSA_256:
                sHA512Digest = new SHA256Digest();
                break;
            case ECDSA_384:
                sHA512Digest = new SHA384Digest();
                break;
            case ECDSA_512:
                sHA512Digest = new SHA512Digest();
                break;
            default:
                throw new CoseException("Unsupported Algorithm Specified");
        }
        switch (algorithmID) {
            case ECDSA_256:
            case ECDSA_384:
            case ECDSA_512:
                sHA512Digest.update(bArr, 0, bArr.length);
                byte[] bArr2 = new byte[sHA512Digest.getDigestSize()];
                sHA512Digest.doFinal(bArr2, 0);
                CBORObject cBORObject = oneKey.get(KeyKeys.KeyType);
                if (cBORObject == null || cBORObject != KeyKeys.KeyType_EC2) {
                    throw new CoseException("Must use key with key type EC2");
                }
                CBORObject cBORObject2 = oneKey.get(KeyKeys.EC2_D);
                if (cBORObject2 == null) {
                    throw new CoseException("Private key required to sign");
                }
                X9ECParameters GetCurve = oneKey.GetCurve();
                ECPrivateKeyParameters eCPrivateKeyParameters = new ECPrivateKeyParameters(new BigInteger(1, cBORObject2.GetByteString()), new ECDomainParameters(GetCurve.getCurve(), GetCurve.getG(), GetCurve.getN(), GetCurve.getH()));
                ECDSASigner eCDSASigner = new ECDSASigner();
                eCDSASigner.init(true, eCPrivateKeyParameters);
                BigInteger[] generateSignature = eCDSASigner.generateSignature(bArr2);
                int fieldSize = (GetCurve.getCurve().getFieldSize() + 7) / 8;
                byte[] byteArray = generateSignature[0].toByteArray();
                byte[] byteArray2 = generateSignature[1].toByteArray();
                byte[] bArr3 = new byte[fieldSize * 2];
                int min = Integer.min(fieldSize, byteArray.length);
                System.arraycopy(byteArray, byteArray.length - min, bArr3, fieldSize - min, min);
                int min2 = Integer.min(fieldSize, byteArray2.length);
                System.arraycopy(byteArray2, byteArray2.length - min2, bArr3, (fieldSize + fieldSize) - min2, min2);
                return bArr3;
            default:
                throw new CoseException("Internal error");
        }
    }

    static boolean validateSignature(AlgorithmID algorithmID, byte[] bArr, byte[] bArr2, OneKey oneKey) throws CoseException {
        SHA256Digest sHA512Digest;
        switch (algorithmID) {
            case ECDSA_256:
                sHA512Digest = new SHA256Digest();
                break;
            case ECDSA_384:
                sHA512Digest = new SHA384Digest();
                break;
            case ECDSA_512:
                sHA512Digest = new SHA512Digest();
                break;
            default:
                throw new CoseException("Unsupported algorithm specified");
        }
        switch (algorithmID) {
            case ECDSA_256:
            case ECDSA_384:
            case ECDSA_512:
                byte[] bArr3 = new byte[bArr2.length / 2];
                byte[] bArr4 = new byte[bArr2.length / 2];
                System.arraycopy(bArr2, 0, bArr3, 0, bArr3.length);
                System.arraycopy(bArr2, bArr3.length, bArr4, 0, bArr3.length);
                sHA512Digest.update(bArr, 0, bArr.length);
                byte[] bArr5 = new byte[sHA512Digest.getDigestSize()];
                sHA512Digest.doFinal(bArr5, 0);
                X9ECParameters GetCurve = oneKey.GetCurve();
                ECPublicKeyParameters eCPublicKeyParameters = new ECPublicKeyParameters(GetCurve.getCurve().createPoint(new BigInteger(1, oneKey.get(KeyKeys.EC2_X.AsCBOR()).GetByteString()), new BigInteger(1, oneKey.get(KeyKeys.EC2_Y.AsCBOR()).GetByteString())), new ECDomainParameters(GetCurve.getCurve(), GetCurve.getG(), GetCurve.getN(), GetCurve.getH()));
                ECDSASigner eCDSASigner = new ECDSASigner();
                eCDSASigner.init(false, eCPublicKeyParameters);
                return eCDSASigner.verifySignature(bArr5, new BigInteger(1, bArr3), new BigInteger(1, bArr4));
            default:
                throw new CoseException("Internal error");
        }
    }
}
