package com.hastobe.transparenzsoftware.verification.format.sml.IsaEDL40;

import com.hastobe.transparenzsoftware.Utils;
import com.hastobe.transparenzsoftware.verification.ValidationException;
import com.hastobe.transparenzsoftware.verification.VerificationLogger;
import com.hastobe.transparenzsoftware.verification.format.sml.SMLSignature;
import com.hastobe.transparenzsoftware.verification.format.sml.SMLSignatureVerifier;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/hastobe/transparenzsoftware/verification/format/sml/IsaEDL40/IsaSMLSignatureVerifier.class */
public class IsaSMLSignatureVerifier extends SMLSignatureVerifier {
    private static final Logger LOGGER;
    static final /* synthetic */ boolean $assertionsDisabled;

    public IsaSMLSignatureVerifier() {
        Security.addProvider(new BouncyCastleProvider());
        this.PUBLIC_KEY_BYTES_LENGTH = 64;
        this.KEY_POINT_DATA_LENGTH = 32;
        this.ELLIPTIC_CURVE_ALGORITHM = "secp256r1";
        this.CROPPED_DATA_LENGTH = 32;
    }

    @Override // com.hastobe.transparenzsoftware.verification.format.sml.SMLSignatureVerifier, com.hastobe.transparenzsoftware.verification.format.sml.Verifier
    public boolean verify(byte[] bArr, byte[] bArr2, byte[] bArr3) throws ValidationException {
        byte[] copyOfRange = Arrays.copyOfRange(bArr2, 0, bArr2.length / 2);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr2, bArr2.length / 2, bArr2.length);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(this.PLUS_SIGN, copyOfRange)));
        aSN1EncodableVector.add(new ASN1Integer(new BigInteger(this.PLUS_SIGN, copyOfRange2)));
        try {
            dEROutputStream.writeObject(new DERSequence(aSN1EncodableVector));
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            try {
                boolean verify = initSignature(bArr, bArr3).verify(byteArray);
                VerificationLogger.log("IsaSML", this.ELLIPTIC_CURVE_ALGORITHM, bArr, bArr3, byteArray, verify);
                return verify;
            } catch (InvalidKeyException e) {
                throw new ValidationException("Invalid public key supplied", e);
            } catch (NoSuchAlgorithmException | NoSuchProviderException e2) {
                throw new ValidationException("Failure on initialising the crypto algorithms", e2);
            } catch (SignatureException e3) {
                throw new ValidationException("Invalid signature supplied", e3);
            }
        } catch (IOException e4) {
            throw new RuntimeException("Could not create DER sequence");
        }
    }

    @Override // com.hastobe.transparenzsoftware.verification.format.sml.SMLSignatureVerifier
    public boolean verify(byte[] bArr, SMLSignature sMLSignature) throws ValidationException {
        return verify(bArr, ((IsaEDL40Signature) sMLSignature).getDataSignature(), Utils.hashSHA256(sMLSignature.buildExtendedSignatureData()));
    }

    private Signature initSignature(byte[] bArr, byte[] bArr2) throws NoSuchProviderException, NoSuchAlgorithmException, ValidationException, SignatureException, InvalidKeyException {
        if (!$assertionsDisabled && bArr2.length != this.CROPPED_DATA_LENGTH) {
            throw new AssertionError();
        }
        Signature signature = Signature.getInstance(this.SIGNATURE_ALGORITHM, "BC");
        signature.initVerify(getPublicKeyFromBytes(bArr));
        signature.update(bArr2);
        return signature;
    }

    private BigInteger getPointXKeyCurve(byte[] bArr) {
        if (!$assertionsDisabled && bArr.length != this.PUBLIC_KEY_BYTES_LENGTH) {
            throw new AssertionError();
        }
        byte[] bArr2 = new byte[this.KEY_POINT_DATA_LENGTH];
        System.arraycopy(bArr, 0, bArr2, 0, this.KEY_POINT_DATA_LENGTH);
        return new BigInteger(this.PLUS_SIGN, bArr2);
    }

    private BigInteger getPointYKeyCurve(byte[] bArr) {
        if (!$assertionsDisabled && bArr.length != this.PUBLIC_KEY_BYTES_LENGTH) {
            throw new AssertionError();
        }
        byte[] bArr2 = new byte[this.KEY_POINT_DATA_LENGTH];
        System.arraycopy(bArr, this.KEY_POINT_DATA_LENGTH, bArr2, 0, this.KEY_POINT_DATA_LENGTH);
        return new BigInteger(this.PLUS_SIGN, bArr2);
    }

    private ECPublicKeySpec initPublicKeyCryptoSpecs(byte[] bArr) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidParameterSpecException {
        if (!$assertionsDisabled && bArr.length != this.PUBLIC_KEY_BYTES_LENGTH) {
            throw new AssertionError();
        }
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(this.KEY_ALGORITHM, "BC");
        algorithmParameters.init(new ECGenParameterSpec(this.ELLIPTIC_CURVE_ALGORITHM));
        return new ECPublicKeySpec(new ECPoint(getPointXKeyCurve(bArr), getPointYKeyCurve(bArr)), (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class));
    }

    static {
        $assertionsDisabled = !IsaSMLSignatureVerifier.class.desiredAssertionStatus();
        LOGGER = LogManager.getLogger((Class<?>) IsaSMLSignatureVerifier.class);
    }
}
