package org.metastatic.jessie.provider;

import gnu.crypto.hash.HashFactory;
import gnu.crypto.hash.IMessageDigest;
import gnu.crypto.sig.ISignature;
import gnu.crypto.sig.rsa.RSA;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Map;

/* loaded from: input_file:org/metastatic/jessie/provider/SSLRSASignature.class */
final class SSLRSASignature implements ISignature {
    private RSAPublicKey pubkey;
    private RSAPrivateKey privkey;
    private final IMessageDigest md5;
    private final IMessageDigest sha;
    private boolean initVerify;
    private boolean initSign;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLRSASignature() {
        this(HashFactory.getInstance("MD5"), HashFactory.getInstance("SHA-1"));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLRSASignature(IMessageDigest iMessageDigest, IMessageDigest iMessageDigest2) {
        this.initVerify = false;
        this.initSign = false;
        this.md5 = iMessageDigest;
        this.sha = iMessageDigest2;
    }

    @Override // gnu.crypto.sig.ISignature
    public String name() {
        return "RSA/SSL";
    }

    @Override // gnu.crypto.sig.ISignature
    public void setupVerify(Map map) {
        PublicKey publicKey = (PublicKey) map.get(ISignature.VERIFIER_KEY);
        if (publicKey == null) {
            if (!this.initSign) {
                throw new IllegalArgumentException("no key supplied");
            }
        } else {
            if (!(publicKey instanceof RSAPublicKey)) {
                throw new IllegalArgumentException("not an RSA key");
            }
            this.pubkey = (RSAPublicKey) publicKey;
            this.privkey = null;
            this.initSign = false;
            this.initVerify = true;
        }
    }

    @Override // gnu.crypto.sig.ISignature
    public void setupSign(Map map) {
        PrivateKey privateKey = (PrivateKey) map.get(ISignature.SIGNER_KEY);
        if (privateKey == null) {
            if (!this.initVerify) {
                throw new IllegalArgumentException("no key supplied");
            }
        } else {
            if (!(privateKey instanceof RSAPrivateKey)) {
                throw new IllegalArgumentException("not an RSA key");
            }
            this.privkey = (RSAPrivateKey) privateKey;
            this.pubkey = null;
            this.initVerify = false;
            this.initSign = true;
        }
    }

    @Override // gnu.crypto.sig.ISignature
    public void update(byte b) {
        if (!this.initVerify && !this.initSign) {
            throw new IllegalStateException();
        }
        this.md5.update(b);
        this.sha.update(b);
    }

    @Override // gnu.crypto.sig.ISignature
    public void update(byte[] bArr, int i, int i2) {
        if (!this.initVerify && !this.initSign) {
            throw new IllegalStateException();
        }
        this.md5.update(bArr, i, i2);
        this.sha.update(bArr, i, i2);
    }

    @Override // gnu.crypto.sig.ISignature
    public Object sign() {
        if (!this.initSign) {
            throw new IllegalStateException();
        }
        int bitLength = (this.privkey.getModulus().bitLength() + 7) >>> 3;
        byte[] concat = Util.concat(this.md5.digest(), this.sha.digest());
        if (bitLength - 11 < concat.length) {
            throw new IllegalArgumentException("message too long");
        }
        byte[] bArr = new byte[bitLength];
        bArr[0] = 0;
        bArr[1] = 1;
        for (int i = 2; i < (bitLength - concat.length) - 1; i++) {
            bArr[i] = -1;
        }
        System.arraycopy(concat, 0, bArr, bitLength - concat.length, concat.length);
        return Util.trim(RSA.sign(this.privkey, new BigInteger(bArr)));
    }

    @Override // gnu.crypto.sig.ISignature
    public boolean verify(Object obj) {
        int i;
        if (!this.initVerify) {
            throw new IllegalStateException();
        }
        byte[] byteArray = RSA.verify(this.pubkey, new BigInteger(1, (byte[]) obj)).toByteArray();
        if (byteArray[0] == 0) {
            i = 0;
            while (i < byteArray.length && byteArray[i] == 0) {
                i++;
            }
        } else {
            if (byteArray[0] != 1) {
                throw new IllegalArgumentException("decryption failed");
            }
            int i2 = 1;
            while (i2 < byteArray.length && byteArray[i2] != 0) {
                if (byteArray[i2] != -1) {
                    throw new IllegalArgumentException("bad padding");
                }
                i2++;
            }
            i = i2 + 1;
        }
        return Arrays.equals(Util.trim(byteArray, i, byteArray.length - i), Util.concat(this.md5.digest(), this.sha.digest()));
    }

    @Override // gnu.crypto.sig.ISignature
    public Object clone() {
        throw new UnsupportedOperationException();
    }
}
