package oracle.security.crypto.core;

import java.io.IOException;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1Utils;
import oracle.security.crypto.fips.FIPS_140_2;
import oracle.security.crypto.provider.TransitionMode;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:BOOT-INF/lib/osdt_core-19.3.0.0.jar:oracle/security/crypto/core/RSAMDSignature.class */
public final class RSAMDSignature extends Signature {
    private RSAPublicKey c;
    private RSAPrivateKey d;
    private AlgorithmIdentifier e;
    private RandomBitsSource g;
    private byte[] h;
    public static final ASN1ObjectID rsaKeyOID = new ASN1ObjectID(ASN1Utils.pkcsID, 1, 1);
    public static final ASN1ObjectID rsaMD2SigOID = new ASN1ObjectID(ASN1Utils.pkcsID, 1, 2);
    public static final ASN1ObjectID rsaMD5SigOID = new ASN1ObjectID(ASN1Utils.pkcsID, 1, 4);
    public static final ASN1ObjectID rsaSHASigOID = new ASN1ObjectID(ASN1Utils.pkcsID, 1, 5);
    public static final ASN1ObjectID rsaSHA256SigOID = new ASN1ObjectID(ASN1Utils.pkcsID, 1, 11);
    public static final ASN1ObjectID rsaSHASigOldOID = new ASN1ObjectID(ASN1Utils.oiwAlgID, 29);
    private static AlgorithmIdentifier f = AlgID.md5;

    public RSAMDSignature() {
        this.h = null;
        this.e = f;
    }

    public RSAMDSignature(RSAPublicKey rSAPublicKey) {
        this(rSAPublicKey, f);
    }

    public RSAMDSignature(RSAPublicKey rSAPublicKey, AlgorithmIdentifier algorithmIdentifier) {
        this.h = null;
        this.c = rSAPublicKey;
        setMessageDigestAlgID(algorithmIdentifier);
    }

    public RSAMDSignature(RSAPrivateKey rSAPrivateKey) {
        this(rSAPrivateKey, f);
    }

    public RSAMDSignature(RSAPrivateKey rSAPrivateKey, AlgorithmIdentifier algorithmIdentifier) {
        this.h = null;
        this.d = rSAPrivateKey;
        setMessageDigestAlgID(algorithmIdentifier);
    }

    public RSAMDSignature(RSAPrivateKey rSAPrivateKey, byte[] bArr) throws SignatureException {
        this(rSAPrivateKey, f, bArr);
    }

    public RSAMDSignature(RSAPrivateKey rSAPrivateKey, AlgorithmIdentifier algorithmIdentifier, byte[] bArr) throws SignatureException {
        this(rSAPrivateKey, algorithmIdentifier);
        setDocument(bArr);
        sign();
    }

    public RSAMDSignature(RSAPublicKey rSAPublicKey, byte[] bArr, byte[] bArr2) {
        this(rSAPublicKey);
        setSigBytes(bArr);
        setDocument(bArr2);
    }

    @Override // oracle.security.crypto.core.Signature
    public void setAlgID(AlgorithmIdentifier algorithmIdentifier) throws AlgorithmIdentifierException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (algorithmIdentifier.equals(AlgID.md2WithRSAEncryption)) {
            this.e = AlgID.md2;
            return;
        }
        if (algorithmIdentifier.equals(AlgID.md5WithRSAEncryption)) {
            this.e = AlgID.md5;
            return;
        }
        if (algorithmIdentifier.equals(AlgID.sha_1WithRSAEncryption)) {
            this.e = AlgID.sha_1;
            return;
        }
        if (algorithmIdentifier.equals(AlgID.sha256WithRSAEncryption)) {
            this.e = AlgID.sha_256;
        } else if (algorithmIdentifier.equals(AlgID.sha384WithRSAEncryption)) {
            this.e = AlgID.sha_384;
        } else {
            if (!algorithmIdentifier.equals(AlgID.sha512WithRSAEncryption)) {
                throw new AlgorithmIdentifierException("Invalid AlgorithmIdentifier for RSAMDSignature");
            }
            this.e = AlgID.sha_512;
        }
    }

    @Override // oracle.security.crypto.core.Signature
    public AlgorithmIdentifier getAlgID() {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (this.e.equals(AlgID.md2)) {
            return AlgID.md2WithRSAEncryption;
        }
        if (this.e.equals(AlgID.md5)) {
            return AlgID.md5WithRSAEncryption;
        }
        if (this.e.equals(AlgID.sha_1)) {
            return AlgID.sha_1WithRSAEncryption;
        }
        if (this.e.equals(AlgID.sha_256)) {
            return AlgID.sha256WithRSAEncryption;
        }
        if (this.e.equals(AlgID.sha_384)) {
            return AlgID.sha384WithRSAEncryption;
        }
        if (this.e.equals(AlgID.sha_512)) {
            return AlgID.sha512WithRSAEncryption;
        }
        throw new IllegalStateException("No appropriate algorithm identifier.");
    }

    @Override // oracle.security.crypto.core.Signature
    public AlgorithmIdentifier getDigestEncryptionAlgID() {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        return AlgID.rsaEncryption;
    }

    public void setMessageDigestAlgID(AlgorithmIdentifier algorithmIdentifier) {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        this.e = algorithmIdentifier;
    }

    public AlgorithmIdentifier getMessageDigestAlgID() {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        return this.e;
    }

    @Override // oracle.security.crypto.core.Signature
    public String algName() {
        if (this.e.equals(AlgID.md2)) {
            return "RSA/MD2";
        }
        if (this.e.equals(AlgID.md5)) {
            return "RSA/MD5";
        }
        if (this.e.equals(AlgID.sha_1)) {
            return "RSA/SHA";
        }
        if (this.e.equals(AlgID.sha_256)) {
            return "RSA/SHA256";
        }
        if (this.e.equals(AlgID.sha_384)) {
            return "RSA/SHA384";
        }
        if (this.e.equals(AlgID.sha_512)) {
            return "RSA/SHA512";
        }
        throw new IllegalStateException("No appropriate algorithm identifier.");
    }

    @Override // oracle.security.crypto.core.Signature
    public void setPublicKey(PublicKey publicKey) throws InvalidKeyException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (!(publicKey instanceof RSAPublicKey)) {
            throw new InvalidKeyException();
        }
        this.c = (RSAPublicKey) publicKey;
    }

    @Override // oracle.security.crypto.core.Signature
    public void setPrivateKey(PrivateKey privateKey) throws InvalidKeyException {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        if (!(privateKey instanceof RSAPrivateKey)) {
            throw new InvalidKeyException();
        }
        this.d = (RSAPrivateKey) privateKey;
    }

    @Override // oracle.security.crypto.core.Signature
    public void setHash(byte[] bArr) {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        this.h = bArr;
        this.b = null;
    }

    @Override // oracle.security.crypto.core.Signature
    public void setRandomBitsSource(RandomBitsSource randomBitsSource) {
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        this.g = randomBitsSource;
    }

    @Override // oracle.security.crypto.core.Signature
    public boolean verify() throws AuthenticationException {
        byte[] a;
        byte[] digest;
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        try {
            Cipher cipher = Cipher.getInstance(AlgID.rsaEncryption, this.c);
            if (this.h != null) {
                a = this.h;
                digest = cipher.decrypt(getSigBytes());
            } else {
                MessageDigest messageDigest = MessageDigest.getInstance(this.e);
                messageDigest.update(getDocument());
                messageDigest.computeCurrent();
                a = messageDigest.a();
                DigestInfo digestInfo = new DigestInfo(new UnsyncByteArrayInputStream(cipher.decrypt(getSigBytes())));
                if (!digestInfo.getDigestAlgID().equals(this.e)) {
                    throw new AuthenticationException("Signature has unexpected MD type");
                }
                digest = digestInfo.getDigest();
            }
            cipher.erase();
            boolean areEqual = Utils.areEqual(a, digest);
            if (areEqual || this.h == null) {
                return areEqual;
            }
            try {
                DigestInfo digestInfo2 = new DigestInfo(new UnsyncByteArrayInputStream(this.h));
                DigestInfo digestInfo3 = new DigestInfo(new UnsyncByteArrayInputStream(digest));
                if (digestInfo2.getDigestAlgID().equals(digestInfo3.getDigestAlgID())) {
                    return Utils.areEqual(digestInfo2.getDigest(), digestInfo3.getDigest());
                }
                return false;
            } catch (IOException e) {
                return false;
            }
        } catch (IOException e2) {
            throw new AuthenticationException(e2.toString());
        } catch (ClassCastException e3) {
            throw new AuthenticationException(e3.toString());
        } catch (AlgorithmIdentifierException e4) {
            throw new AuthenticationException(e4.toString());
        } catch (CipherException e5) {
            throw new AuthenticationException(e5.toString());
        } catch (InvalidKeyException e6) {
            throw new AuthenticationException(e6.toString());
        }
    }

    @Override // oracle.security.crypto.core.Signature
    public byte[] sign() throws SignatureException {
        byte[] bytes;
        TransitionMode.checkCryptoCoreUseAllowed();
        FIPS_140_2.assertReadyState();
        try {
            if (this.h != null) {
                bytes = this.h;
            } else {
                MessageDigest messageDigest = MessageDigest.getInstance(this.e);
                messageDigest.computeDigest(getDocument());
                bytes = Utils.toBytes(new DigestInfo(messageDigest.getAlgID(), messageDigest.a()));
            }
            setSigBytes(Cipher.getInstance(AlgID.rsaEncryption, this.d, this.g).encrypt(bytes));
            return getSigBytes();
        } catch (AlgorithmIdentifierException e) {
            throw new SignatureException(e.toString());
        } catch (CipherException e2) {
            throw new SignatureException(e2.toString());
        } catch (InvalidKeyException e3) {
            throw new SignatureException(e3.toString());
        }
    }
}
