package com.wolfssl.provider.jce;

import com.microsoft.identity.common.java.cache.CacheKeyValueDelegate;
import com.wolfssl.wolfcrypt.Asn;
import com.wolfssl.wolfcrypt.Ecc;
import com.wolfssl.wolfcrypt.Md5;
import com.wolfssl.wolfcrypt.Rng;
import com.wolfssl.wolfcrypt.Rsa;
import com.wolfssl.wolfcrypt.Sha;
import com.wolfssl.wolfcrypt.Sha256;
import com.wolfssl.wolfcrypt.Sha384;
import com.wolfssl.wolfcrypt.Sha512;
import com.wolfssl.wolfcrypt.WolfCryptException;
import cz.msebera.android.httpclient.HttpStatus;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.SignatureSpi;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.ShortBufferException;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes4.dex */
public class WolfCryptSignature extends SignatureSpi {
    private int MD5h;
    private int SHA256h;
    private int SHA384h;
    private int SHA512h;
    private int SHAh;
    private Asn asn;
    private WolfCryptDebug debug;
    private String digestString;
    private int digestSz;
    private DigestType digestType;
    private Ecc ecc;
    private int internalHashSum;
    private String keyString;
    private KeyType keyType;
    private Md5 md5;
    private Rsa rsa;
    private Sha sha;
    private Sha256 sha256;
    private Sha384 sha384;
    private Sha512 sha512;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.wolfssl.provider.jce.WolfCryptSignature$1, reason: invalid class name */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType;
        static final /* synthetic */ int[] $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType;

        static {
            int[] iArr = new int[KeyType.values().length];
            $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType = iArr;
            try {
                iArr[KeyType.WC_RSA.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[KeyType.WC_ECDSA.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            int[] iArr2 = new int[DigestType.values().length];
            $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType = iArr2;
            try {
                iArr2[DigestType.WC_MD5.ordinal()] = 1;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[DigestType.WC_SHA1.ordinal()] = 2;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[DigestType.WC_SHA256.ordinal()] = 3;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[DigestType.WC_SHA384.ordinal()] = 4;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                $SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[DigestType.WC_SHA512.ordinal()] = 5;
            } catch (NoSuchFieldError unused7) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes4.dex */
    public enum DigestType {
        WC_MD5,
        WC_SHA1,
        WC_SHA256,
        WC_SHA384,
        WC_SHA512
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes4.dex */
    public enum KeyType {
        WC_RSA,
        WC_ECDSA
    }

    /* loaded from: classes4.dex */
    public static final class wcMD5wRSA extends WolfCryptSignature {
        public wcMD5wRSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_RSA, DigestType.WC_MD5, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA1wECDSA extends WolfCryptSignature {
        public wcSHA1wECDSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_ECDSA, DigestType.WC_SHA1, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA1wRSA extends WolfCryptSignature {
        public wcSHA1wRSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_RSA, DigestType.WC_SHA1, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA256wECDSA extends WolfCryptSignature {
        public wcSHA256wECDSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_ECDSA, DigestType.WC_SHA256, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA256wRSA extends WolfCryptSignature {
        public wcSHA256wRSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_RSA, DigestType.WC_SHA256, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA384wECDSA extends WolfCryptSignature {
        public wcSHA384wECDSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_ECDSA, DigestType.WC_SHA384, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA384wRSA extends WolfCryptSignature {
        public wcSHA384wRSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_RSA, DigestType.WC_SHA384, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA512wECDSA extends WolfCryptSignature {
        public wcSHA512wECDSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_ECDSA, DigestType.WC_SHA512, null);
        }
    }

    /* loaded from: classes4.dex */
    public static final class wcSHA512wRSA extends WolfCryptSignature {
        public wcSHA512wRSA() throws NoSuchAlgorithmException {
            super(KeyType.WC_RSA, DigestType.WC_SHA512, null);
        }
    }

    private WolfCryptSignature(KeyType keyType, DigestType digestType) throws NoSuchAlgorithmException {
        this.MD5h = 649;
        this.SHAh = 88;
        this.SHA256h = HttpStatus.SC_REQUEST_URI_TOO_LONG;
        this.SHA384h = HttpStatus.SC_UNSUPPORTED_MEDIA_TYPE;
        this.SHA512h = 416;
        this.asn = null;
        this.rsa = null;
        this.ecc = null;
        this.md5 = null;
        this.sha = null;
        this.sha256 = null;
        this.sha384 = null;
        this.sha512 = null;
        this.keyType = keyType;
        this.digestType = digestType;
        this.asn = new Asn();
        if (keyType != KeyType.WC_RSA && keyType != KeyType.WC_ECDSA) {
            throw new NoSuchAlgorithmException("Signature algorithm key type must be RSA or ECC");
        }
        int i = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[digestType.ordinal()];
        if (i == 1) {
            this.md5 = new Md5();
            this.digestSz = 16;
            this.internalHashSum = this.MD5h;
        } else if (i == 2) {
            this.sha = new Sha();
            this.digestSz = 20;
            this.internalHashSum = this.SHAh;
        } else if (i == 3) {
            this.sha256 = new Sha256();
            this.digestSz = 32;
            this.internalHashSum = this.SHA256h;
        } else if (i == 4) {
            this.sha384 = new Sha384();
            this.digestSz = 48;
            this.internalHashSum = this.SHA384h;
        } else {
            if (i != 5) {
                throw new NoSuchAlgorithmException("Unsupported signature algorithm digest type");
            }
            this.sha512 = new Sha512();
            this.digestSz = 64;
            this.internalHashSum = this.SHA512h;
        }
        if (WolfCryptDebug.DEBUG) {
            this.keyString = typeToString(keyType);
            this.digestString = digestToString(digestType);
        }
    }

    /* synthetic */ WolfCryptSignature(KeyType keyType, DigestType digestType, AnonymousClass1 anonymousClass1) throws NoSuchAlgorithmException {
        this(keyType, digestType);
    }

    private String digestToString(DigestType digestType) {
        int i = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[digestType.ordinal()];
        return i != 1 ? i != 2 ? i != 3 ? i != 4 ? i != 5 ? "None" : "SHA512" : "SHA384" : "SHA256" : "SHA" : MessageDigestAlgorithms.MD5;
    }

    private void log(String str) {
        WolfCryptDebug.print("[Signature, " + this.keyString + CacheKeyValueDelegate.CACHE_VALUE_SEPARATOR + this.digestString + "] " + str);
    }

    private String typeToString(KeyType keyType) {
        int i = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[keyType.ordinal()];
        return i != 1 ? i != 2 ? "None" : "ECDSA" : "RSA";
    }

    private void wolfCryptInitPrivateKey(PrivateKey privateKey, byte[] bArr) throws InvalidKeyException {
        int i = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[this.keyType.ordinal()];
        if (i == 1) {
            this.rsa.decodePrivateKeyPKCS8(bArr);
        } else {
            if (i != 2) {
                return;
            }
            this.ecc.importPrivate(((ECPrivateKey) privateKey).getS().toByteArray(), null);
        }
    }

    private void wolfCryptInitPublicKey(PublicKey publicKey, byte[] bArr) throws InvalidKeyException {
        int i = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[this.keyType.ordinal()];
        if (i == 1) {
            this.rsa.decodePublicKey(bArr);
        } else {
            if (i != 2) {
                return;
            }
            this.ecc.publicKeyDecode(bArr);
        }
    }

    private void zeroArray(byte[] bArr) {
        if (bArr == null) {
            return;
        }
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = 0;
        }
    }

    @Override // java.security.SignatureSpi
    @Deprecated
    protected Object engineGetParameter(String str) throws InvalidParameterException {
        throw new InvalidParameterException("wolfJCE does not support Signature.getParameter()");
    }

    @Override // java.security.SignatureSpi
    protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
        KeyType keyType = this.keyType;
        if (keyType == KeyType.WC_RSA && !(privateKey instanceof RSAPrivateKey)) {
            throw new InvalidKeyException("Key is not of type RSAPrivateKey");
        }
        if (keyType == KeyType.WC_ECDSA && !(privateKey instanceof ECPrivateKey)) {
            throw new InvalidKeyException("Key is not of type ECPrivateKey");
        }
        byte[] encoded = privateKey.getEncoded();
        if (encoded == null) {
            throw new InvalidKeyException("Key does not support encoding");
        }
        int i = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[this.keyType.ordinal()];
        if (i == 1) {
            Rsa rsa = this.rsa;
            if (rsa != null) {
                rsa.releaseNativeStruct();
            }
            this.rsa = new Rsa();
        } else if (i == 2) {
            Ecc ecc = this.ecc;
            if (ecc != null) {
                ecc.releaseNativeStruct();
            }
            this.ecc = new Ecc();
        }
        wolfCryptInitPrivateKey(privateKey, encoded);
        int i2 = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[this.digestType.ordinal()];
        if (i2 == 1) {
            this.md5.init();
        } else if (i2 == 2) {
            this.sha.init();
        } else if (i2 == 3) {
            this.sha256.init();
        } else if (i2 == 4) {
            this.sha384.init();
        } else if (i2 == 5) {
            this.sha512.init();
        }
        if (WolfCryptDebug.DEBUG) {
            log("init sign with PrivateKey");
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
        KeyType keyType = this.keyType;
        if (keyType == KeyType.WC_RSA && !(publicKey instanceof RSAPublicKey)) {
            throw new InvalidKeyException("Key is not of type RSAPrivateKey");
        }
        if (keyType == KeyType.WC_ECDSA && !(publicKey instanceof ECPublicKey)) {
            throw new InvalidKeyException("Key is not of type ECPrivateKey");
        }
        byte[] encoded = publicKey.getEncoded();
        if (encoded == null) {
            throw new InvalidKeyException("Key does not support encoding");
        }
        int i = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[this.keyType.ordinal()];
        if (i == 1) {
            Rsa rsa = this.rsa;
            if (rsa != null) {
                rsa.releaseNativeStruct();
            }
            this.rsa = new Rsa();
        } else if (i == 2) {
            Ecc ecc = this.ecc;
            if (ecc != null) {
                ecc.releaseNativeStruct();
            }
            this.ecc = new Ecc();
        }
        wolfCryptInitPublicKey(publicKey, encoded);
        int i2 = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[this.digestType.ordinal()];
        if (i2 == 1) {
            this.md5.init();
        } else if (i2 == 2) {
            this.sha.init();
        } else if (i2 == 3) {
            this.sha256.init();
        } else if (i2 == 4) {
            this.sha384.init();
        } else if (i2 == 5) {
            this.sha512.init();
        }
        if (WolfCryptDebug.DEBUG) {
            log("init verify with PublicKey");
        }
    }

    @Override // java.security.SignatureSpi
    @Deprecated
    protected void engineSetParameter(String str, Object obj) throws InvalidParameterException {
        throw new InvalidParameterException("wolfJCE does not support Signature.setParameter()");
    }

    @Override // java.security.SignatureSpi
    protected byte[] engineSign() throws SignatureException {
        byte[] sign;
        int i = this.digestSz;
        byte[] bArr = new byte[i];
        byte[] bArr2 = new byte[512];
        try {
            int i2 = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[this.digestType.ordinal()];
            if (i2 == 1) {
                this.md5.digest(bArr);
            } else if (i2 == 2) {
                this.sha.digest(bArr);
            } else if (i2 == 3) {
                this.sha256.digest(bArr);
            } else if (i2 == 4) {
                this.sha384.digest(bArr);
            } else if (i2 == 5) {
                this.sha512.digest(bArr);
            }
            Rng rng = new Rng();
            rng.init();
            int i3 = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[this.keyType.ordinal()];
            if (i3 == 1) {
                int encodeSignature = (int) Asn.encodeSignature(bArr2, bArr, i, this.internalHashSum);
                if (encodeSignature < 0) {
                    throw new SignatureException("Failed to DER encode digest during sig gen");
                }
                byte[] bArr3 = new byte[encodeSignature];
                System.arraycopy(bArr2, 0, bArr3, 0, encodeSignature);
                sign = this.rsa.sign(bArr3, rng);
                zeroArray(bArr3);
            } else {
                if (i3 != 2) {
                    throw new SignatureException("Invalid signature algorithm type");
                }
                sign = this.ecc.sign(bArr, rng);
            }
            rng.free();
            rng.releaseNativeStruct();
            if (WolfCryptDebug.DEBUG) {
                if (sign != null) {
                    log("generated signature, len: " + sign.length);
                } else {
                    log("generated signature was null");
                }
            }
            return sign;
        } catch (ShortBufferException e) {
            throw new SignatureException(e.getMessage());
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte b) throws SignatureException {
        engineUpdate(new byte[]{b}, 0, 1);
        if (WolfCryptDebug.DEBUG) {
            log("update with single byte");
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
        int i3 = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[this.digestType.ordinal()];
        if (i3 == 1) {
            this.md5.update(bArr, i, i2);
        } else if (i3 == 2) {
            this.sha.update(bArr, i, i2);
        } else if (i3 == 3) {
            this.sha256.update(bArr, i, i2);
        } else if (i3 == 4) {
            this.sha384.update(bArr, i, i2);
        } else if (i3 == 5) {
            this.sha512.update(bArr, i, i2);
        }
        if (WolfCryptDebug.DEBUG) {
            log("update, offset: " + i + ", len: " + i2);
        }
    }

    @Override // java.security.SignatureSpi
    protected boolean engineVerify(byte[] bArr) throws SignatureException {
        int i = this.digestSz;
        byte[] bArr2 = new byte[i];
        byte[] bArr3 = new byte[512];
        byte[] bArr4 = new byte[512];
        try {
            int i2 = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$DigestType[this.digestType.ordinal()];
            boolean z = true;
            if (i2 == 1) {
                this.md5.digest(bArr2);
            } else if (i2 == 2) {
                this.sha.digest(bArr2);
            } else if (i2 == 3) {
                this.sha256.digest(bArr2);
            } else if (i2 == 4) {
                this.sha384.digest(bArr2);
            } else if (i2 == 5) {
                this.sha512.digest(bArr2);
            }
            int i3 = AnonymousClass1.$SwitchMap$com$wolfssl$provider$jce$WolfCryptSignature$KeyType[this.keyType.ordinal()];
            if (i3 == 1) {
                if (Asn.encodeSignature(bArr3, bArr2, i, this.internalHashSum) < 0) {
                    throw new SignatureException("Failed to DER encode digest during sig verification");
                }
                try {
                    bArr4 = this.rsa.verify(bArr);
                } catch (WolfCryptException unused) {
                    z = false;
                }
                for (int i4 = 0; i4 < bArr4.length; i4++) {
                    if (bArr4[i4] != bArr3[i4]) {
                        z = false;
                    }
                }
            } else if (i3 == 2) {
                try {
                    z = this.ecc.verify(bArr2, bArr);
                } catch (WolfCryptException unused2) {
                    z = false;
                }
            }
            if (WolfCryptDebug.DEBUG && bArr != null) {
                log("finished verify of sig len: " + bArr.length + ", verified: " + z);
            }
            return z;
        } catch (ShortBufferException e) {
            throw new SignatureException(e.getMessage());
        }
    }

    protected void finalize() throws Throwable {
        try {
            Md5 md5 = this.md5;
            if (md5 != null) {
                md5.releaseNativeStruct();
            }
            Sha sha = this.sha;
            if (sha != null) {
                sha.releaseNativeStruct();
            }
            Sha256 sha256 = this.sha256;
            if (sha256 != null) {
                sha256.releaseNativeStruct();
            }
            Sha384 sha384 = this.sha384;
            if (sha384 != null) {
                sha384.releaseNativeStruct();
            }
            Sha512 sha512 = this.sha512;
            if (sha512 != null) {
                sha512.releaseNativeStruct();
            }
            Rsa rsa = this.rsa;
            if (rsa != null) {
                rsa.releaseNativeStruct();
            }
            Ecc ecc = this.ecc;
            if (ecc != null) {
                ecc.releaseNativeStruct();
            }
        } finally {
            super.finalize();
        }
    }
}
