package com.hastobe.transparenzsoftware.verification.format.ocmf;

import com.hastobe.transparenzsoftware.Utils;
import com.hastobe.transparenzsoftware.verification.ASN1Exception;
import com.hastobe.transparenzsoftware.verification.ASN1Utils;
import com.hastobe.transparenzsoftware.verification.ValidationException;
import com.hastobe.transparenzsoftware.verification.VerificationLogger;
import com.hastobe.transparenzsoftware.verification.format.sml.Verifier;
import java.security.Security;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.sec.SECNamedCurves;
import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.math.ec.ECCurve;

/* loaded from: input_file:com/hastobe/transparenzsoftware/verification/format/ocmf/OCMFVerifier.class */
public class OCMFVerifier implements Verifier {
    private static final Logger LOGGER = LogManager.getLogger((Class<?>) OCMFVerifier.class);
    private String curve;

    public OCMFVerifier(String str) {
        this.curve = str;
        Security.addProvider(new BouncyCastleProvider());
    }

    @Override // com.hastobe.transparenzsoftware.verification.format.sml.Verifier
    public boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) throws ValidationException {
        ECDSASigner eCDSASigner = new ECDSASigner();
        eCDSASigner.init(false, preparePublicKeyData(bArr));
        try {
            ASN1Utils.SignatureRS readSignatureRS = ASN1Utils.readSignatureRS(bArr2);
            byte[] hashSHA256 = Utils.hashSHA256(bArr3);
            boolean verifySignature = eCDSASigner.verifySignature(hashSHA256, readSignatureRS.getR(), readSignatureRS.getS());
            VerificationLogger.log(OCMFVerificationParser.HEADER_VALUE, OCMFVerificationParser.SIGNATURE_METHOD_ECDSA, bArr, hashSHA256, bArr2, verifySignature);
            return verifySignature;
        } catch (ASN1Exception e) {
            throw new OCMFValidationException("Invalid length of asn1Signature given", "error.invalid.asn1Signature.length", e);
        }
    }

    private ECPublicKeyParameters preparePublicKeyData(byte[] bArr) throws ValidationException {
        if (bArr == null) {
            throw new OCMFValidationException("Cannot read public key (null)", "error.values.publickey.cannot.encode");
        }
        try {
            byte[] readPublicKey = ASN1Utils.readPublicKey(bArr);
            X9ECParameters byName = this.curve.contains("brain") ? TeleTrusTNamedCurves.getByName(this.curve) : SECNamedCurves.getByName(this.curve);
            if (byName == null) {
                throw new OCMFValidationException("Invalid curve provided", "error.invalid.curve.name");
            }
            ECCurve curve = byName.getCurve();
            try {
                return new ECPublicKeyParameters(curve.decodePoint(readPublicKey), new ECDomainParameters(curve, byName.getG(), byName.getN(), byName.getH(), byName.getSeed()));
            } catch (IllegalArgumentException e) {
                LOGGER.error("Invalid point given for public key", (Throwable) e);
                throw new OCMFValidationException("Invalid public key point given", "error.invalid.public.key", e);
            }
        } catch (ASN1Exception e2) {
            throw new OCMFValidationException("Cannot read public key", "error.values.publickey.cannot.encode");
        }
    }
}
