package at.atrust.mobsig.library.jws;

import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.Security;
import java.security.Signature;
import java.security.cert.X509Certificate;
import kotlin.UByte;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.DERSequence;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes18.dex */
public class JwsSignature {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) JwsSignature.class);
    public JoseHeader protectedHeader;
    public String payload = null;
    private String signature = null;
    private String tbs = null;

    /* renamed from: at.atrust.mobsig.library.jws.JwsSignature$1, reason: invalid class name */
    /* loaded from: classes18.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$at$atrust$mobsig$library$jws$JoseAlg;

        static {
            int[] iArr = new int[JoseAlg.values().length];
            $SwitchMap$at$atrust$mobsig$library$jws$JoseAlg = iArr;
            try {
                iArr[JoseAlg.ES256.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$at$atrust$mobsig$library$jws$JoseAlg[JoseAlg.ES512.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$at$atrust$mobsig$library$jws$JoseAlg[JoseAlg.PS256.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$at$atrust$mobsig$library$jws$JoseAlg[JoseAlg.PS512.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$at$atrust$mobsig$library$jws$JoseAlg[JoseAlg.RS256.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$at$atrust$mobsig$library$jws$JoseAlg[JoseAlg.RS512.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    public JwsSignature() {
        this.protectedHeader = null;
        this.protectedHeader = new JoseHeader();
    }

    private byte[] reformateEcdsaSignatureBeforeVerify(byte[] bArr) {
        try {
            int length = bArr.length / 2;
            byte[] bArr2 = (bArr[0] & UByte.MAX_VALUE) > 127 ? new byte[length + 1] : new byte[length];
            System.arraycopy(bArr, 0, bArr2, bArr2.length - length, length);
            byte[] bArr3 = (bArr[length] & UByte.MAX_VALUE) > 127 ? new byte[length + 1] : new byte[length];
            System.arraycopy(bArr, length, bArr3, bArr3.length - length, length);
            BigInteger bigInteger = new BigInteger(bArr2);
            BigInteger bigInteger2 = new BigInteger(bArr3);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new ASN1Integer(bigInteger));
            aSN1EncodableVector.add(new ASN1Integer(bigInteger2));
            return new DERSequence(aSN1EncodableVector).getEncoded();
        } catch (Exception e) {
            LOGGER.error("reformateEcdsaSignatureBeforeVerify", (Throwable) e);
            return bArr;
        }
    }

    public String getSignature() {
        return this.signature;
    }

    public String getSignedData() {
        return this.tbs + "." + this.signature;
    }

    public byte[] getToBeSigned() {
        JoseHeader joseHeader;
        if (this.payload == null || (joseHeader = this.protectedHeader) == null) {
            return null;
        }
        String str = JwHelper.base64UrlEncode(joseHeader.toString()) + "." + JwHelper.base64UrlEncode(this.payload);
        this.tbs = str;
        return str.getBytes(StandardCharsets.UTF_8);
    }

    public boolean parse(String str) {
        if (str != null) {
            try {
                if (!str.isEmpty()) {
                    String[] split = str.split("\\.");
                    if (3 != split.length) {
                        return false;
                    }
                    this.signature = split[2];
                    this.tbs = split[0] + " " + split[1];
                    JoseHeader fromJSON = JoseHeader.fromJSON(JwHelper.base64UrlDecodeToString(split[0]));
                    this.protectedHeader = fromJSON;
                    if (fromJSON == null) {
                        return false;
                    }
                    String base64UrlDecodeToString = JwHelper.base64UrlDecodeToString(split[1]);
                    this.payload = base64UrlDecodeToString;
                    return base64UrlDecodeToString != null;
                }
            } catch (Exception e) {
                LOGGER.error("exception in JwsSignature.parse()", (Throwable) e);
                return false;
            }
        }
        return false;
    }

    public void setSignature(String str) {
        this.signature = str;
    }

    public void setSignature(byte[] bArr) {
        this.signature = JwHelper.base64UrlEncode(bArr);
    }

    public boolean verify(X509Certificate x509Certificate) {
        if (this.protectedHeader == null || this.payload == null || this.signature == null || this.tbs == null) {
            return false;
        }
        String str = null;
        boolean z = false;
        try {
            switch (AnonymousClass1.$SwitchMap$at$atrust$mobsig$library$jws$JoseAlg[this.protectedHeader.alg.ordinal()]) {
                case 1:
                    str = "ECDSAWITHSHA256";
                    z = true;
                    break;
                case 2:
                    str = "ECDSAWITHSHA512";
                    z = true;
                    break;
                case 3:
                    str = "SHA256WITHRSAANDMGF1";
                    break;
                case 4:
                    str = "SHA512WITHRSAANDMGF1";
                    break;
                case 5:
                    str = "SHA256WITHRSA";
                    break;
                case 6:
                    str = "SHA512WITHRSA";
                    break;
                default:
                    LOGGER.error("invalid value for alg");
                    break;
            }
            if (str == null) {
                LOGGER.error("unknown algorithm");
                return false;
            }
            byte[] base64UrlDecode = JwHelper.base64UrlDecode(this.signature);
            if (z) {
                base64UrlDecode = reformateEcdsaSignatureBeforeVerify(base64UrlDecode);
            }
            Security.addProvider(new BouncyCastleProvider());
            Signature signature = Signature.getInstance(str);
            signature.initVerify(x509Certificate);
            signature.update(this.tbs.getBytes(StandardCharsets.UTF_8));
            return signature.verify(base64UrlDecode);
        } catch (Exception e) {
            LOGGER.error("exception in JwsSignature verify", (Throwable) e);
            return false;
        }
    }
}
