package org.xdi.oxauth.model.jws;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.xdi.oxauth.model.crypto.Certificate;
import org.xdi.oxauth.model.crypto.signature.RSAPrivateKey;
import org.xdi.oxauth.model.crypto.signature.RSAPublicKey;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.util.JwtUtil;
import org.xdi.oxauth.model.util.Util;

/* loaded from: input_file:org/xdi/oxauth/model/jws/RSASigner.class */
public class RSASigner extends AbstractJwsSigner {
    private RSAPrivateKey rsaPrivateKey;
    private RSAPublicKey rsaPublicKey;

    public RSASigner(SignatureAlgorithm signatureAlgorithm, RSAPrivateKey rSAPrivateKey) {
        super(signatureAlgorithm);
        this.rsaPrivateKey = rSAPrivateKey;
    }

    public RSASigner(SignatureAlgorithm signatureAlgorithm, RSAPublicKey rSAPublicKey) {
        super(signatureAlgorithm);
        this.rsaPublicKey = rSAPublicKey;
    }

    public RSASigner(SignatureAlgorithm signatureAlgorithm, Certificate certificate) {
        super(signatureAlgorithm);
        this.rsaPublicKey = certificate.getRsaPublicKey();
    }

    @Override // org.xdi.oxauth.model.jws.AbstractJwsSigner
    public String generateSignature(String str) throws SignatureException {
        if (getSignatureAlgorithm() == null) {
            throw new SignatureException("The signature algorithm is null");
        }
        if (this.rsaPrivateKey == null) {
            throw new SignatureException("The RSA private key is null");
        }
        if (str == null) {
            throw new SignatureException("The signing input is null");
        }
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA", "BC").generatePrivate(new RSAPrivateKeySpec(this.rsaPrivateKey.getModulus(), this.rsaPrivateKey.getPrivateExponent()));
            Signature signature = Signature.getInstance(getSignatureAlgorithm().getAlgorithm(), "BC");
            signature.initSign(generatePrivate);
            signature.update(str.getBytes(Util.UTF8_STRING_ENCODING));
            return JwtUtil.base64urlencode(signature.sign());
        } catch (UnsupportedEncodingException e) {
            throw new SignatureException(e);
        } catch (InvalidKeyException e2) {
            throw new SignatureException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new SignatureException(e3);
        } catch (NoSuchProviderException e4) {
            throw new SignatureException(e4);
        } catch (SignatureException e5) {
            throw new SignatureException(e5);
        } catch (InvalidKeySpecException e6) {
            throw new SignatureException(e6);
        } catch (Exception e7) {
            throw new SignatureException(e7);
        }
    }

    @Override // org.xdi.oxauth.model.jws.AbstractJwsSigner
    public boolean validateSignature(String str, String str2) throws SignatureException {
        String str3;
        if (getSignatureAlgorithm() == null) {
            throw new SignatureException("The signature algorithm is null");
        }
        if (this.rsaPublicKey == null) {
            throw new SignatureException("The RSA public key is null");
        }
        if (str == null) {
            throw new SignatureException("The signing input is null");
        }
        switch (getSignatureAlgorithm()) {
            case RS256:
                str3 = "SHA-256";
                break;
            case RS384:
                str3 = "SHA-384";
                break;
            case RS512:
                str3 = "SHA-512";
                break;
            default:
                throw new SignatureException("Unsupported signature algorithm");
        }
        ASN1InputStream aSN1InputStream = null;
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                byte[] base64urldecode = JwtUtil.base64urldecode(str2);
                                byte[] bytes = str.getBytes(Util.UTF8_STRING_ENCODING);
                                PublicKey generatePublic = KeyFactory.getInstance("RSA", "BC").generatePublic(new RSAPublicKeySpec(this.rsaPublicKey.getModulus(), this.rsaPublicKey.getPublicExponent()));
                                Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
                                cipher.init(2, generatePublic);
                                aSN1InputStream = new ASN1InputStream(cipher.doFinal(base64urldecode));
                                ASN1Sequence readObject = aSN1InputStream.readObject();
                                MessageDigest messageDigest = MessageDigest.getInstance(str3, "BC");
                                messageDigest.update(bytes);
                                boolean isEqual = MessageDigest.isEqual(messageDigest.digest(), readObject.getObjectAt(1).getOctets());
                                IOUtils.closeQuietly(aSN1InputStream);
                                return isEqual;
                            } catch (IOException e) {
                                throw new SignatureException(e);
                            }
                        } catch (NoSuchProviderException e2) {
                            throw new SignatureException(e2);
                        } catch (Exception e3) {
                            throw new SignatureException(e3);
                        }
                    } catch (InvalidKeySpecException e4) {
                        throw new SignatureException(e4);
                    } catch (NoSuchPaddingException e5) {
                        throw new SignatureException(e5);
                    }
                } catch (InvalidKeyException e6) {
                    throw new SignatureException(e6);
                } catch (IllegalBlockSizeException e7) {
                    throw new SignatureException(e7);
                }
            } catch (NoSuchAlgorithmException e8) {
                throw new SignatureException(e8);
            } catch (BadPaddingException e9) {
                throw new SignatureException(e9);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(aSN1InputStream);
            throw th;
        }
    }
}
