package ee.sk.mid;

import ee.sk.mid.exception.MidInternalErrorException;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ee/sk/mid/MidSignatureVerifier.class */
public class MidSignatureVerifier {
    private static final Logger logger = LoggerFactory.getLogger(MidSignatureVerifier.class);

    public static boolean verifyWithRSA(PublicKey publicKey, MidAuthentication midAuthentication) {
        try {
            Signature signature = Signature.getInstance("NONEwithRSA");
            signature.initVerify(publicKey);
            signature.update(addPadding(midAuthentication.getHashType().getDigestInfoPrefix(), Base64.decodeBase64(midAuthentication.getSignedHashInBase64())));
            return signature.verify(midAuthentication.getSignatureValue());
        } catch (GeneralSecurityException e) {
            logger.error("Signature verification with RSA failed");
            throw new MidInternalErrorException("Signature verification with RSA failed", e);
        }
    }

    private static byte[] addPadding(byte[] bArr, byte[] bArr2) {
        return ArrayUtils.addAll(bArr, bArr2);
    }

    public static boolean verifyWithECDSA(PublicKey publicKey, MidAuthentication midAuthentication) {
        try {
            Security.addProvider(new BouncyCastleProvider());
            Signature signature = Signature.getInstance("NONEwithECDSA", "BC");
            signature.initVerify(publicKey);
            signature.update(Base64.decodeBase64(midAuthentication.getSignedHashInBase64()));
            return signature.verify(fromCVCEncoding(midAuthentication.getSignatureValue()));
        } catch (GeneralSecurityException e) {
            logger.error("Signature verification with ECDSA failed");
            throw new MidInternalErrorException("Signature verification with ECDSA failed", e);
        }
    }

    private static byte[] fromCVCEncoding(byte[] bArr) {
        byte[][] splitArrayInTheMiddle = splitArrayInTheMiddle(bArr);
        return encodeInAsn1(new BigInteger(1, splitArrayInTheMiddle[0]), new BigInteger(1, splitArrayInTheMiddle[1]));
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [byte[], byte[][]] */
    private static byte[][] splitArrayInTheMiddle(byte[] bArr) {
        return new byte[]{ArrayUtils.subarray(bArr, 0, bArr.length / 2), ArrayUtils.subarray(bArr, bArr.length / 2, bArr.length)};
    }

    private static byte[] encodeInAsn1(BigInteger bigInteger, BigInteger bigInteger2) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(bigInteger));
        aSN1EncodableVector.add(new ASN1Integer(bigInteger2));
        try {
            return new DERSequence(aSN1EncodableVector).getEncoded("DER");
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }
}
